SANS Penetration Testing: Category - Metasploit


Custom Payloads in Metasploit

[Editor's Note: Mark Baggett shares some useful insights into delivering custom payloads using Metasploit, with a little Python magic to boot! -Ed.] By Mark Baggett You launch your Metasploit exploit. It looks like it is working but no session is created. What happened? Your exploit just got popped by antivirus software. Such a bummer. Antivirus …

Network Pen Testing Tips, Tricks, Tools and Resources

[Editor's Note: For this year's SANS Pen Test Poster, we asked some of the best pen testers and instructors in the industry to share their wisdom in a series of tips, tricks, tools, and useful resources for various kinds of penetration tests. We got some great input on network pen testing, web app pen testing, …

PsExec UAC Bypass

[Editor's Note: In this article, Tim Medin describes a common pen test scenario in which a tester gets limited access to a target Windows machine, and needs to escalate privileges without incurring the wrath of User Account Control (UAC). Tim describes his approach, which involves the use of psexec to bounce off of another machine …

Invasion of the Network Snatchers: Part I

[Editor's Note: In this article, Tim Medin discusses methods for penetration testing network infrastructure components, specifically through the Simple Network Management Protocol (SNMP). Tim's tips below include a nice overview of SNMP, techniques for formulating highly useful lists of potential authentication credentials for SNMP, a description of how to use an Nmap NSE script for …

SMB Relay Demystified and NTLMv2 Pwnage with Python

By Mark Baggett [Editor's Note: In this _excellent_ article, Mark Baggett explains in detail how the very powerful SMBRelay attack works and offers tips for how penetration testers can operationalize around it. And, better yet, about 2/3rds of the way in, Mark shows how you can use a Python module to perform these attacks in …