My buddy Aamir Lakhani wrote about a cool reconnaissance tool called recon-ng. This tool can automate researching a target using multiple sources. The original post can be found HERE.
Reconnaissance techniques are the one of the first steps penetration testers practice when learning how to exploit systems for vulnerabilities. Traditional reconnaissance techniques are used to gather intelligence, define scope, and identifying weaknesses. Continue reading →
I’ve been asked about suggested training for penetration testing. The most popular programs are the Certified Ethical Hacker CEH (found HERE) and SANs courses (found HERE). There are many books such as the one I wrote with my buddy Aamir (HERE) as well as others I have recommended HERE.
I was provided access to a video series through Packt Publishing titled “Expert Metasploit Penetration Testing [Video]” and found it to be pretty useful for those looking to learn how to use Metasploit. Continue reading →
If you are familiar with penetration tools, then you should know Metasploit. For those that love GUIs, there is a fantastic open source GUI management for Metasploit known as Armitage (found HERE). The same developers of Armitage created a more advanced penetration testing package for a $2,500 annual cost. The tool is called cobalt Strike (CS) and can be downloaded at www.advancedpentest.com for a 21day trail. They also have a 4-hour lab that lets you try out the core cobalt Strike features. It is worth spending the time to test the tool and get some lab time even though the lab itself is is pretty easy. Continue reading →
My buddy Aamir Lakhani and I performed a penetration test using social media sources (Facebook and LinkedIn) as a method to compromise users from our target. You can find more about our project aka Emily Williams HERE and HERE as well as at www.drchaos.com. Continue reading →
PenTest Magazine just released a issue focused on BackTrack titled BackTrack Compendium. I wrote a piece on compromising passwords using tools available in Kali Linux. An image from the introduction of my piece can be found below. I haven’t had a chance to review the entire magazine however glancing over it and found many interesting topics such as “Improve your Firewall Auditing”, “Building a SQLI Test Lab”, “How to Set Up a Software Hacking Lab”, “Multiphase Penetration Testing with Metasploit, Backtrack and Armitage”, “Metasploit Primer”, and many many more. I have a lot of good reading to do this week Continue reading →
The terms Penetration Test, Vulnerability Assessment and Security Audit are often blended together when requested by clients or offered by security service providers. All three terms have security aspects however are very different regarding what purpose they serve as well as the expected deliverable. Continue reading →
Last year Aamir Lakhani and Joseph Muniz developed a fake identity known as Emily Williams with the purpose of compromising a specific target using social media. We created Emily Williams based on research from Robin Sage, which showcased how a fake identity could obtain sensitive information from social media resources. We wondered if a similar approach could be used for targeted attacks and developed Emily Williams for that purpose. More information on developing Emily Williams via Part 1 of this project can be found HERE. Continue reading →