Posted By Nick | March 31st, 2011
This, like all penetration testing methods or discussions should be used for educational\professional purposes only. The purpose of this post is to show an interesting client based attack method that can be used in penetration testing. Abusing networks or computers that you do not have permission to be messing with is not smart and can … Continue reading →
Tags: captive protal, dsniff, iptables, man-in-the-middle, Metasploit, MITM, msf, pen testing, penetration testing, php, traffic redirection
Filed In: Security Testing, Uncategorized
Posted By Nick | November 8th, 2010
It has been an intense journey since I signed up for the PWBv3 course from Offsec. But, now it is all worth it. I received notice that I passed and can now claim the title: Offensive Security Certified Professional (OSCP). I have taken many security courses, and have gotten a few certifications along the way, … Continue reading →
Tags: Backtrack, certification, Metasploit, OSCP, pen test, penetration test, Security, security training
Filed In: Security Testing
Posted By Nick | August 25th, 2010
Microsoft’s security advisory that came out Monday is a bit vague on this bug, but the issue is a bit more serious matter and deserves security pro’s attention, especially if your company uses in-house applications. MS KB is here. The issue itself is not new, but recently published research that details remote attack vectors is. … Continue reading →
Tags: DLL Hijacking, kb2264107, Metasploit, Microsoft, Microsoft Security Advisory 2269637
Filed In: IT Infrastructure Security
Posted By Nick | July 21st, 2010
The folks over at the Metasploit Framework have released a working exploit module that takes advantage of the much talked about vulnerability in the Windows Shell. This module proves this vulnerability is not limited to being exploited via thumb drives or email attachments. Microsoft has no patch available as of yet, however they offer some ugly workarounds: … Continue reading →
Tags: 2286198.mspx, CVE-2010-2568, http://www.microsoft.com/technet/security/advisory/2286198.mspx, Metasploit, msf
Filed In: IT Infrastructure Security, Security Testing
Posted By Nick | July 9th, 2010
The purpose of this post to provide an example of how to use the freely available Linux distribution Backtrack when conducting security testing; and to provide a specific example of an attack scenario with detailed instructions on the commands used with a description. This is by no means an all encompassing tutorial for using Backtrack … Continue reading →
Tags: Backtrack, ettercap, etterfilter, Metasploit, MITM, MSF3, pen test
Filed In: Security Testing
ALL CONTENT © 2010 PROLIFIC SOLUTIONS LLC
