Exploit types

  • Phishing, SQL, Brute Force DDOS

Teaming

  • Red teams, blue teams, purple teams

k 

 

Pen testing tools

open source, enterprise, or an arsenal

Vulnerability scanning

 

Pen testing services

 

Pen Test Pivoting

Are you using penetration testing in your cyber-security tool kit? Why not?! Penetration testing, or pen-testing, is one of the most important tools to not only find the holes in your network but to prioritize them for remediation. Keep reading for the 10 reasons you should be pen-testing.

Dropped USB flash drives are still effective means for getting into networks. The goal of this post is to give you a bit of a hands on lab and show you some tricks for actually conducting USB drop attacks, including how to prepare the payload using Core Impact.

USB drop attacks are a bit of a performance art form. You need to build an enticing story that’ll make the discoverers of the drop, whom I will refer to as ‘The Marks’, curious enough to override common sense and plug in the stick to figure out what’s on it.

 In the past, penetration testing was a fancy name for breaking through a network firewall. However, as technology advances and breaches become even more dangerous – costing an average of £2.53 million, according to research sponsored by IBM – security executives need to revisit pen testing to make sure it is an ongoing practice in their defense arsenals.

5 Security Tips

It is that special time of the year, Black Hat, when all of our friends are gathered together in Vegas to see just what hacks, exploits, tips and tricks there are for us to be concerned about. As a cyber-security specialist, it’s the most wonderful time of the year. However, for consumers and business owners, it is the reminder that what you thought was safely tucked away is actually only a moment away from being breached. On the heels of the Democratic Party’s email breach and the proliferation of hacking in mainstream media with Mr.

We are pleased to announce the official release of Core Impact Pro 2016 R1.1. More than 83 updates have been added thus far, and are available through the regular update channel for all Core Impact customers who have upgraded to the latest version. The team has been working on several privilege escalations, a number of remote exploits for widely deployed software, and numerous enhancements. This release includes:

Oftentimes after using Network Information Gathering, we are still left with a number of devices that may reflect an "Unknown" OS. With the saturation of these devices in the market today, there is a good chance there may be some located on your network. By identifying these devices we can also potentially expand our attack surface and gain other useful information.

So, where do we start? We may as well create a new search folder so that only the machines that reflect "unknown" under the OS column can be viewed.

Subscribe to Penetration Testing