SANS Penetration Testing: Category - Metasploit

SANS Cheat Sheet: Metasploit

For the longest time we haven't had a proper blog post for our Metasploit Cheat Sheet. This is one of our most popular cheat sheets. It was created by Ed Skoudis and his team. When we attend BSides and conferences like DerbyCon and ShmooCon we bring a ton of printed copies with us and give … Continue reading SANS Cheat Sheet: Metasploit


Custom Payloads in Metasploit

[Editor's Note: Mark Baggett shares some useful insights into delivering custom payloads using Metasploit, with a little Python magic to boot! -Ed.] By Mark Baggett You launch your Metasploit exploit. It looks like it is working but no session is created. What happened? Your exploit just got popped by antivirus software. Such a bummer. Antivirus … Continue reading Custom Payloads in Metasploit


Network Pen Testing Tips, Tricks, Tools and Resources

[Editor's Note: For this year's SANS Pen Test Poster, we asked some of the best pen testers and instructors in the industry to share their wisdom in a series of tips, tricks, tools, and useful resources for various kinds of penetration tests. We got some great input on network pen testing, web app pen testing, … Continue reading Network Pen Testing Tips, Tricks, Tools and Resources


PsExec UAC Bypass

[Editor's Note: In this article, Tim Medin describes a common pen test scenario in which a tester gets limited access of a target Windows machine, and needs to escalate privileges without incurring the wrath of User Account Control (UAC). Tim describes his approach, which involves the use of psexec to bounce off of another machine … Continue reading PsExec UAC Bypass


Invasion of the Network Snatchers: Part I

[Editor's Note: In this article, Tim Medin discusses methods for penetration testing network infrastructure components, specifically through the Simple Network Management Protocol (SNMP). Tim's tips below include a nice overview of SNMP, techniques for formulating highly useful lists of potential authentication credentials for SNMP, a description of how to use an Nmap NSE script for … Continue reading Invasion of the Network Snatchers: Part I