SANS Penetration Testing: Daily Archives: Oct 13, 2017

SCAPY Full Duplex Stream Reassembly

I recently had someone ask me how you can have scapy reassemble full duplex packets for you. That is what Wireshark does when you ask it to "Follow TCP Stream". In SANS SEC573: Automating Information Security with Python we discuss how to use scapy's native session reassembly capabilities, but its default behavior is to … Continue reading SCAPY Full Duplex Stream Reassembly


SQLMAP Tamper Scripts for The Win

During a recent penetration test BURP Suite identified some blind SQL Injection vulnerabilities in a target website. Pointing SQLMAP at the website showed us no love and simply said it was unable to exploit the website. I had mentioned the SQLi issues to the customer and he said that previous penetration testers said they … Continue reading SQLMAP Tamper Scripts for The Win