This edition of “Grey Hat Hacking” builds upon the previous four editions by providing updated and expanded information on several key aspects of ethical hacking.
Continue reading “Grey Hat Hacking: The Ethical Hacker’s Handbook (Fifth Edition)”
Category: Blog
Thoughts about stuff.
Disabling Symantec AV for pentesting
Endpoint security tools can be a real pain when trying to get accurate vulnerability scans. Some tools go so far as to kill off a generic Nessus scan. Each has its own bypass mechanism.
Email attack analysis on a rainy Friday
After several weeks of nothing happening malware-related at work, my phone pinged and alerted me to someone caught red-handed clicking on something they shouldn’t have.
Microsoft Exchange 2013/2016/2019 vulnerable to remote privilege escalation
Exchange 2013 or later fails to properly authenticate and validate certain requests, allowing a remote attacker with access to an Exchange mailbox to gain full Domain Administrative privileges.
Starting your pentest…with reporting?
Reporting might sound like an odd place to start a pentest. When most well-known pentesters say that reporting is one of the most important parts of the test, you tend to sit up and take notice.
Becoming a (better) pentester
In my never-ending quest to learn more about hacking in general, I’ve decided to take on a personal project and bone up on the skills required for penetration testing.
Defense Tip – Regexs for Coin Wallet Addresses
I suggest putting these in your incoming mail filters to get alerts for possible ransom attacks. The recent spate of email-based bomb threats all contained wallet addresses.
Secure File Sharing Tips
Here is a summary of some secure file sharing tips culled from a Twitter thread over the weekend.
HOWTO – Cracking WPA/WPA2 pre-shared keys
I was given the opportunity to run some tests against the wireless infrastructure at my office. The actual scenario is to deploy a rogue access point and start gathering intel on the organization. But I decided to take this a step further and do some pre-work to make a convincing rogue AP. What follows is my initial framework that I developed while researching how to crack a WPA/WPA2 pre-shared key network. I’ll revisit this and improve on it as I gain more experience.
Unmasking a Cloudflare protected site
Here are some tips for unmasking a site hosted behind CloudFlare. YMMV as I have not yet tested these.