penetration-test – Page 3 – WindowsTechs.com

Can and should a penetration test report include an informational note about not having used a (by-design) memory-safe programming language?

Posted on March 4, 2024 by Bob Ortiz

Firstly, a quote from a good article about the importance of memory safety by memorysafety.org:

How common are memory safety vulnerabilities?
Extremely. A recent study found that 60-70% of vulnerabilities in iOS and macOS are memory safet… Continue reading Can and should a penetration test report include an informational note about not having used a (by-design) memory-safe programming language?→

Conducting a proof-of-concept attack on an open MySQL port

Posted on February 14, 2024 by KhodeNima

I am not very experienced nor do I have acceptable knowledge, that is why I have signed up to work on a small project to gain some experience, where they don’t seem to care about security much.
After running a scan, I noticed that they hav… Continue reading Conducting a proof-of-concept attack on an open MySQL port→

Impossible NTLMv2 hash format with Responder lm option

Posted on February 10, 2024 by Joy

While doing an internal assessment, I stumbled upon a very weird looking NTLMv2 hash (I will not use the "Net-NTLM" terminology but I’m talking about the NTLM protocol ) while using Responder with the –lm option (which afaik/wha… Continue reading Impossible NTLMv2 hash format with Responder lm option→

How secure is XScreenSaver against physical attacks

Posted on January 25, 2024 by Ludwig Van Beethoven

We use LUKS/dm-crypt encrypted workstations with long passwords.
But if an laptop is unlocked and booted into Debian, using Xscreensaver then the disk is in an unencrypted state but the keyboard is locked.
My question is, would it be possi… Continue reading How secure is XScreenSaver against physical attacks→

Improving penetration testing

Posted on December 30, 2023 by mohannad hosain

My master’s thesis is about improving penetration testing used in ethical hacking. By designing a model, how do I do that?

Continue reading Improving penetration testing→

HTTrack not mirroring site Windows 11

Posted on December 30, 2023 by chickenj0

Studying EC-Council’s Ethical Hacker
One of the tasks was to create a copy of www.certifiedhacker.com using WinHTTrack but it is not working, how can I troubleshoot?
Here is a screenshot of the original error message

And the hts-log file
… Continue reading HTTrack not mirroring site Windows 11→

penetration testing dataset [closed]

Posted on December 28, 2023 by mohannad hosain

How can I get a dataset containing:

data on various systems, their characteristics (such as OS, software versions, network configurations), and known vulnerabilities.

historical data on previous penetration tests, which tools were used, … Continue reading penetration testing dataset [closed]→

How to download vulnerable Windows iso for hacking lab? [closed]

Posted on December 5, 2023 by Developing Electronics

I want to set up a hacking lab in virtual box. I already have Metasploitable 2 (Linux) and 3 (Windows Server 2008) but I need Windows Server 2012, Windows Server 2016 and Windows 10. I have downloaded an .iso from Microsoft’s website, but … Continue reading How to download vulnerable Windows iso for hacking lab? [closed]→

what’s a small, medium, and large Scope in penetration testing?

Posted on October 7, 2023 by thearonimperial

I’ve been diving into the world of penetration testing regarding PM, and I’m curious about how you all define the scope of such tests. I often hear terms like "small scope," "medium scope," and "large-scope" t… Continue reading what’s a small, medium, and large Scope in penetration testing?→

Advice on more in depth web app info gathering phase

Posted on October 2, 2023 by XyronZ

I am a junior pentester currently working for a secure messaging app that includes a webclient. Only the subdomain is in scope and other subdomains are off-limits. Social engineering is also off limits as this is a staging server that mimi… Continue reading Advice on more in depth web app info gathering phase→