Collaborate Disseminate
In the previous article of this series, “Wireless Pentesting Part 2 – Building a WiFi Hacking Rig”, we discussed building a WiFi hacking rig. We covered the hardware, operating systems, and software requirements for setting up your own wireless pentest… Continue reading Wireless Pentesting Part 3 – Common Wireless Attacks
Watch Now to Amp Up Your Red Team!
Video and Slide Deck from EH-Net Live! May 2020
OK… so your infrastructure is pretty much locked down, your SOC is solid, you do regular pentests and even leveled up your organization’s capabilities to inc… Continue reading Video: Bad As You Want To Be – Adversary Emulation Basics
Register Now to Amp Up Your Red Team!
OK… so your infrastructure is pretty much locked down, your SOC is solid, you do regular pentests and even leveled up to include threat hunting, RE and malware analysis. Your security program is at a pretty m… Continue reading Webinar: Bad As You Want To Be – Adversary Emulation Basics
Join us on Wednesday, May 13 at noon Pacific for the Pentesting Hack Chat with Eric Escobar!
Ask anyone in this community to name their dream jobs and chances are pretty good that penetration tester will be somewhere on the shortlist. Pentesters are allowed — nay, encouraged — to break …read more
What is red teaming? How is it different from conventional penetration testing? Why do we need blue, red, and white teams? How are cyber-drills carried out, and what results should be expected? In this article, we will answer these and other questions … Continue reading Red Teaming: How to Run Effective Cyber-Drills?
Penetration testers and chief information security officers (CISO) should find this article useful as it sheds light on a number of new social engineering hoaxes doing the rounds these days. These stratagems can be highly effective in targeted attack s… Continue reading Lesser-Known Social Engineering Tricks
PowerShell has gained popularity with SysAdmins and for good reason. It’s on every Windows machine (and now some Linux machines as well), has capabilities to interact with almost every service on every machine on the network, and it’s a com… Continue reading WMI 101 for Pentesters
Anyone in the know about IoT security is likely to steer clear of a physical security product that’s got some sort of wireless control. The list of exploits for such devices is a long, sad statement on security as an afterthought, if at all. So it’s understandable if you think …read more
Continue reading Fail of the Week: Padlock Purports to Provide Protection, Proves Pathetic
Introduction
It was 20 November, and I was just starting to wonder what I would do during the next month. I had already left my previous job, and the new one would only start in January. Playing with PS4 all month might sound fun for some people, but… Continue reading The RastaLabs experience
See FOSS Tools for WebApp Pentests!
Video and Slide Deck from EH-Net Live! December 2019
Web Application Penetration Testing, or webapp pentesting, to put it simply is poking at the code behind a web site to see if there are any holes. If there are, ho… Continue reading Video: Burp-less Hacking – Learning Web Application Pentesting on a Budget