SANS Penetration Testing: Category - Enumeration

Winners of the SANS Spectacular Pen Test Video Contest

Ladies and gentlemen, boys and girls, friends, Romans, and countryman, I'm delighted to announce the winners to our SANS Spectacular Pen Test Video Contest. Back in January and February, we asked folks to channel their creativity to share some great tips, insights, techniques, and inspiration with other penetration testers. You can read the contest description … Continue reading Winners of the SANS Spectacular Pen Test Video Contest


Plundering Windows Account Info via **Authenticated** SMB Sessions

Rpcclient is Your Friend! By Ed Skoudis I absolutely adore the Server Message Block (SMB) protocol. Sure, it's ugly and bewilderingly complex. But, what I love is the raw power SMB provides for manipulating Windows environments during a penetration test. Via SMB, you can remotely access file shares, the registry, services, domain authentication, and much … Continue reading Plundering Windows Account Info via **Authenticated** SMB Sessions