SANS Penetration Testing: Category - Bash

SANS Poster - White Board of Awesome Command Line Kung Fu (PDF Download)

by: SANS Pen Test Team Imagine you are sitting at your desk and come across a great command line tip that will assist you in your careeras an information security professional, so you jot the tip down on a note, post-it, or scrap sheet of paper and tape it to your white board... now … Continue reading SANS Poster - White Board of Awesome Command Line Kung Fu (PDF Download)


A Spot of Tee

The Restricted Bash Shell By Daniel Pendolino Counter Hack The Bash shell is a nearly ubiquitous way to interact with a Linux console. A little know feature is the restricted Bash shell, which you can invoke by calling rbash or bash -restricted. While it isn't something you would normally opt into, it certainly a situation … Continue reading A Spot of Tee


Pen Test Poster: "White Board" - Bash - Find Juicy Stuff in the File System

By Matthew Toussain, Geoff Pamerleau Pilfering data is a post-exploitation phase that rarely receives enough credit. As pentesters, the way we demonstrate security risk and the way we escalate our attacks to a new level is based entirely on what we find after the compromise is realized. While manually driving the command line from directory … Continue reading Pen Test Poster: "White Board" - Bash - Find Juicy Stuff in the File System


Pen Test Poster: "White Board" - Bash - Sudo... Make Me a Sandwich

By Matthew Toussain, Geoff Pamerleau The other day, while working on setting up a new virtual machine for testing purposes, I ran the following command to get my networking configured ifconfig enp0s8 down only to be greeted with the following: GAH! Why do I need root privileges to bring up or down … Continue reading Pen Test Poster: "White Board" - Bash - Sudo... Make Me a Sandwich


Pen Test Poster: "White Board" - Bash - Make Output Easier to Read

By Matthew Toussain, Geoff Pamerleau Data! DATA!! DATA!!! So much data'' an endlessly grueling component of every information security practitioner's job description is data analysis. Often, digging through an environment for vulnerabilities or configuration flaws involves scrounging through reams of log data. It is not uncommon to find your eyes glazing over while staring at … Continue reading Pen Test Poster: "White Board" - Bash - Make Output Easier to Read