By Matthew Toussain, Grant Curell Introduction Mobility is a critical component of the attack. The ability to be adaptable, while transporting your tactics and tools into a remote environment, is a key differentiator between inexperienced and senior operators. The criticality is an aftereffect of frequency, one of the most common tasks in pentesting involves … Continue reading Pen Test Poster: "White Board" - PowerShell - One-Line Web Client
By Matthew Toussain, Grant Curell Updated - 3/14/2017 Concealed within his fortress, the Lord of Mordor sees all'' And with PowerShell we can too! Microsoft has truly given system administrators and computer hackers alike a gift: The gift of vision. Take for instance, PowerShell output, format, and export functions. Most scripting languages are … Continue reading Pen Test Poster: "White Board" - PowerShell - Get Firewall Rules
By Matthew Toussain, Grant Curell Introduction NMAP is an ideal choice for port scanning, but sometimes it may not be a feasible option. Other times a quick check to see if a port is open might be all the detail needed. In these scenarios PowerShell really shines. Let's examine methods to use PowerShell for … Continue reading Pen Test Poster: "White Board" - PowerShell - Built-in Port Scanner!
By Matthew Toussain, Grant Curell In many lab and training environments firewalls are disabled to facilitate the learning experience. As part of live pentests however, bypassing and manipulating firewalls is all in a day's work. The Windows firewall is the most common packet filtering hurdle encountered today. While it is not necessarily the most robust … Continue reading Pen Test Poster: "White Board" - PowerShell - Add a Firewall Rule
By Matthew Toussain, Geoff Pamerleau Pilfering data is a post-exploitation phase that rarely receives enough credit. As pentesters, the way we demonstrate security risk and the way we escalate our attacks to a new level is based entirely on what we find after the compromise is realized. While manually driving the command line from directory … Continue reading Pen Test Poster: "White Board" - Bash - Find Juicy Stuff in the File System