SANS Penetration Testing: Monthly Archives: Mar 2013

Psexec Python Rocks!

[Editor's Note: Last week, we posted an article about the many faces of psexec functionality from Sysinternals, Metasploit, and the Nmap Scripting Engine, with some tips for using it, along with a Penetration Tester's Pledge. Continuing in that vein, Mark Baggett describes another way to do psexec, and to do it very flexibly: via Python. … Continue reading Psexec Python Rocks!

Coinage: The SANS Pen Testing Coins Backstory

[Editor's Note: Some things I work on are the result of ten, thirty, or one-hundred minutes of effort. Others are the result of six months or a year of work (such as my office tour). This blog is the result of over a year's work by not only me, but also John Strand, Josh Wright, … Continue reading Coinage: The SANS Pen Testing Coins Backstory

Mobile App Analysis with NetworkMiner

[Editor's Note: Josh Wright provides some really useful insight in how penetration testers and vulnerability assessors can use tools traditionally associated with digital forensics to look for information leakage flaws from mobile applications. The techniques he describes below are powerful yet pretty easy to implement — That's awesome. Check out the interesting issue Josh discovered … Continue reading Mobile App Analysis with NetworkMiner

iPillaging - Snarfing Useful Data from iOS Images

[Editor's Note: Tim Medin has taken the SANS Security 575 course on Mobile Device Security and Penetration Testing more than any other human. His frequent stints as a teaching assistant for Josh Wright (yes, mandatoryback rubs) has ensured that unique distinction. In the course, they look at all kinds of cool ways to analyze and … Continue reading iPillaging - Snarfing Useful Data from iOS Images

A Penetration Tester's Pledge

by Ed Skoudis Over the weekend, I was thinking about the wonderful psexec capabilities of tools like Metasploit, the Nmap Scripting engine smb-psexec script, and the psexec tool itself from Microsoft Sysinternals. It's my go-to exploit on Windows targets, once I have gained SMB access and admin credentials (username and password, or username and hash … Continue reading A Penetration Tester's Pledge