Pivoting Tools Through Meterpreter – Tradecraft Security Weekly #16

There are a ton of modules in Metasploit that are extremely useful for performing various attacks post-exploitation. But sometimes there are external tools that you might want to use that are not included in Metasploit. It’s possible to proxy other external tools through a Meterpreter session using a module in Metasploit and proxychains. In this […]

The post Pivoting Tools Through Meterpreter – Tradecraft Security Weekly #16 appeared first on Security Weekly.

Identifying Weak Session Tokens Using Entropy – Tradecraft Security Weekly #15

Session management in web applications is extremely important in regards to securing user credentials and integrity within the application. Sometimes, session tokens can be predicted, provided the overall randomness is weak. If this is possible, a remote attacker may be able to compromise the session of an authenticated user. In this episode of Tradecraft Security […]

Relaying NTLMv1/v2 – Tradecraft Security Weekly #14

A very common attack that many networks are vulnerable to is called LLMNR or NBT-NS poisoning. Through this attack it is possible to gain access to a user’s NTLMv1 or v2 password hash. A more interesting attack can be carried out under the same premise though. Instead of just obtaining a password hash the user’s […]

Black Hat & DEF CON 2017 – Tradecraft Security Weekly #13

There were lots of amazing new tools and techniques released at Hacker Summer Camp 2017! In this week’s episode of Tradecraft Security Weekly, Beau Bullock (@dafthack) talks about some of the more interesting items he saw at the Black Hat and DEF CON conferences. LINKS: Kali Linux Revealed Spiderlabs Portia Duo isthislegit and phimm Revoke-obfuscation […]

Automating Screenshots to Quickly Assess Many WebApps – Tradecraft Security Weekly #12

Live Response with Google Rapid Response (Blue Team Edition) – Tradecraft Security Weekly #10

How do you perform incident response on systems in your environment at scale or when the system that needs to be analyzed is in a geographically different location than your analysts? What if you need to do this and have no real budget to work with to use commercial tools? The answer is Google Rapid […]

Command & Control 101: Transports – Tradecraft Security Weekly #9

After an attacker is successful in getting a payload onto a system and getting it to run they still have to worry about whether there will be a successful connection out to a command and control server. There are a number of different transport mechanisms that can be utilized including direct TCP connections, pivoting through […]

OSINT & External Recon Pt. 1: Host Discovery – Tradecraft Security Weekly #8

During the reconnaissance phase of a penetration test, being able to discover the external assets of an organization is extremely important. It is also important to do so as stealthily as possible. Using open-source techniques and tools it is possible to enumerate an organization's external assets without sending any data directly from your computer system […]

Situational Awareness with HostRecon – Tradecraft Security Weekly #7

After exploiting a system on a remote & unfamiliar network it is extremely important to gain situational awareness as quickly and quietly as possible. This will help ensure success moving forward with other attacks. In this episode of Tradecraft Security Weekly Beau Bullock (@dafthack) will show how to use PowerShell to query information about the […]