SANS Penetration Testing

Using Let's Encrypt in Google Compute Engine...

...Or How I Learned to Stop Worrying and Love the Cloud By Daniel Pendolino The Issue While working on last year's SANS Holiday Hack Challenge, we came to the point where the target systems were stable and the mad rush had ebbed. At this point, I started focusing on long-term stability (read: I want Holiday … Continue reading Using Let's Encrypt in Google Compute Engine...


Pen Test Poster: "White Board" - PowerShell - One-Line Web Client

By Matthew Toussain, Grant Curell Introduction Mobility is a critical component of the attack. The ability to be adaptable, while transporting your tactics and tools into a remote environment, is a key differentiator between inexperienced and senior operators. The criticality is an aftereffect of frequency, one of the most common tasks in pentesting involves … Continue reading Pen Test Poster: "White Board" - PowerShell - One-Line Web Client


Pen Test Poster: "White Board" - PowerShell - Get Firewall Rules

By Matthew Toussain, Grant Curell Updated - 3/14/2017 Concealed within his fortress, the Lord of Mordor sees all'' And with PowerShell we can too! Microsoft has truly given system administrators and computer hackers alike a gift: The gift of vision. Take for instance, PowerShell output, format, and export functions. Most scripting languages are … Continue reading Pen Test Poster: "White Board" - PowerShell - Get Firewall Rules


Pen Test Poster: "White Board" - PowerShell - Built-in Port Scanner!

By Matthew Toussain, Grant Curell Introduction NMAP is an ideal choice for port scanning, but sometimes it may not be a feasible option. Other times a quick check to see if a port is open might be all the detail needed. In these scenarios PowerShell really shines. Let's examine methods to use PowerShell for … Continue reading Pen Test Poster: "White Board" - PowerShell - Built-in Port Scanner!


Pen Test Poster: "White Board" - PowerShell - Add a Firewall Rule

By Matthew Toussain, Grant Curell In many lab and training environments firewalls are disabled to facilitate the learning experience. As part of live pentests however, bypassing and manipulating firewalls is all in a day's work. The Windows firewall is the most common packet filtering hurdle encountered today. While it is not necessarily the most robust … Continue reading Pen Test Poster: "White Board" - PowerShell - Add a Firewall Rule