SANS Penetration Testing

Pen Test Poster: "White Board" - Bash - Check Service Every Second

By Matthew Toussain If you've had the opportunity to take SANS 560, Network Penetration Testing and Ethical Hacking, chances are you were exposed to the Pentester's Pledge. The pledge, for those who aren't familiar is: "I , do hereby pledge to use psexec to exploit Windows target machines after I have gained admin credentials … Continue reading Pen Test Poster: "White Board" - Bash - Check Service Every Second


SANS Cheat Sheet: Metasploit

For the longest time we haven't had a proper blog post for our Metasploit Cheat Sheet. This is one of our most popular cheat sheets. It was created by Ed Skoudis and his team. When we attend BSides and conferences like DerbyCon and ShmooCon we bring a ton of printed copies with us and give … Continue reading SANS Cheat Sheet: Metasploit


SANS Penetration Testing: Command Line Kung-Fu - Desktop Wallpapers

SANS Pen Test: Command Line Kung-Fu Desktop Wallpapers So... we madeour new SANS Pen Test Poster: "White Board of Awesome Command Line Kung-Fu" and posted it on Twitter for some initial feedback and someone asked us if we could turn it into a desktop wallpaper and we thought, "that's a really cool idea!" But, we … Continue reading SANS Penetration Testing: Command Line Kung-Fu - Desktop Wallpapers


Pen Test Poster: "White Board" - Bash - What's My Public IP Address?

By Matthew Toussain, Geoff Pamerleau Introduction After hours of digging, you finally reach your goal and exclaim, "I GOT SHELL!" You brush the dirt off your shoulders and suddenly wonder, "Now what?" Fortunately, if it's a Unix system, we can leverage the rich functionality that comes with Bash in order to move our pentest … Continue reading Pen Test Poster: "White Board" - Bash - What's My Public IP Address?


Pen Test Poster: "White Board" - Bash - Bash's Built-In Netcat Client

By Matthew Toussain, Geoff Pamerleau Introduction Sifting through client external and internal websites is a vital step in any pentest. A tester can uncover all sorts of juicy information such as the identities of important individuals, email addresses, corporate jargon, trusted relationships, and more just hanging out there in the open. But sometimes you really … Continue reading Pen Test Poster: "White Board" - Bash - Bash's Built-In Netcat Client