A long time ago, on networks in your community, we had "computer terminals" on our desks that talked to our computers. They may have looked like monitors with keyboard attached to them, but there was more to them than that. They had input buffers that processed what was typed on them. Function keys like the … Continue reading Pen Test Poster: "White Board"- Python - Raw Shell Terminal
Downloading files from the command line is routine tasks for most security professionals. For defenders, the Windows Schedule, SIM management interfaces, Web interfaces for appliances often allow you to schedule a single command for execution. The offensive folks who exploit a command injection vulnerability often need a simple way to download and execute code in … Continue reading Pen Test Poster: "White Board" - Python - Pythonic Web Client
In SEC573: Automating Information Security with Python, we teach defenders to build tools that root out the signs of compromise in your sea of logs and network traffic. We teach forensicators to build tools to find that crucial piece of evidence with no other tools exist. We teach penetration testers how to build a few … Continue reading Pen Test Poster: "White Board" - Python - Python Reverse Shell!
This is such a great little tip. I use this quite frequently during my day to day operations to transfer files back and forth between systems or to colleagues. This wonderful little command will start a web server and make the contents of the folder that the command is launched from available for download. I … Continue reading Pen Test Poster: "White Board" - Python - Pythonic Web Server
I realize that this may not apply to many of the super awesome reader of the SANS blogs, but when mere mortals develop tools the first few versions often have bugs in the code. Python has a very nice debugger that is part of the standard installation called PDB. PDB, aka The Python Debugger is … Continue reading Pen Test Poster: "White Board" - Python - Python Debugger