When considering the methods of attack an organization should defend itself against, what comes to mind? Certainly, you should defend yourself against the most devastating forms of attack. That missing patch that leads to full domain compromise? Take care of that immediately. That password policy that means everyone uses "1234"? You should probably look at that too. What about the most ...
Back to Basics: Brute Forcing Techniques
During an attack, a threat actor can often enumerate usable information through open-source intelligence (OSINT) gathering techniques. This can include information on the users present in the target environment, such as usernames and email addresses. Often, a threat actor can use this information to craft a targeted list of users to facilitate a variety of attack ...
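The "targeted list of users" step, as an added example that is not part of the original post: names harvested through OSINT rarely come with the exact account format, so the attacker expands each name into the common corporate username conventions and de-duplicates the result before spraying. The names, the format list and the domain are constructed sample input and assumptions, not data from the post.

```python
"""Expand OSINT-gathered names into candidate usernames for a spray list.

Added example, not code from the original post. The name list below is
constructed sample input; the username formats are an assumption about
common corporate naming conventions (first.last, flast, and so on).
"""
import re

# Constructed sample data: names an attacker might scrape from a public
# "our team" page, press releases or social media profiles.
SAMPLE_NAMES = [
    "John Smith",
    "Mary-Jane O'Brien",
    "Alice Jane Johnson",
]

# Candidate conventions. {first}/{last} are the full names, {f}/{l} the
# initials. Assumption: these cover the usual Active Directory formats.
FORMATS = [
    "{first}.{last}",
    "{first}{last}",
    "{f}{last}",
    "{first}{l}",
    "{last}.{first}",
    "{last}{f}",
    "{f}.{last}",
    "{first}",
]


def normalize(token):
    """Lowercase and drop characters that almost never survive into a username
    (hyphens, apostrophes, accents), so "O'Brien" becomes "obrien"."""
    return re.sub(r"[^a-z0-9]", "", token.lower())


def candidates(full_name, formats=FORMATS):
    """Return the distinct username candidates for one person.

    Middle names are ignored: only the first and last tokens are used, which
    matches how most directories are provisioned (assumption).
    """
    parts = [normalize(p) for p in full_name.split()]
    parts = [p for p in parts if p]
    if not parts:
        return []
    if len(parts) == 1:
        return [parts[0]]
    first, last = parts[0], parts[-1]
    out = []
    for fmt in formats:
        user = fmt.format(first=first, last=last, f=first[0], l=last[0])
        if user not in out:
            out.append(user)
    return out


def build_userlist(names, domain=None):
    """Build a de-duplicated, order-preserving list for the whole target set.

    If a domain is given (assumption: the target's mail domain is known from
    OSINT), each candidate is emitted as user@domain for UPN-style logins.
    """
    seen = set()
    result = []
    for name in names:
        for user in candidates(name):
            if domain:
                user = f"{user}@{domain}"
            if user not in seen:
                seen.add(user)
                result.append(user)
    return result


if __name__ == "__main__":
    for entry in build_userlist(SAMPLE_NAMES, "example.com"):
        print(entry)
```

The list is deliberately broad; once a single valid account is confirmed (for example by a login response that differs for real versus unknown users), the format that produced it can be applied alone to the remaining names, shrinking the list and the lockout risk.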
Mobile Apps – Testing WebView
Mobile application testing has progressed significantly over the past few years. Whereas the early days of mobile security were more or less a wild west, efforts such as the OWASP Mobile Top 10 and testing guide and courses like SANS SEC575 have helped to standardize both methodologies and expectations for testing. Tools like MobSF and expanded support in Metasploit and ...
Quick Reference: Empire Persistence Modules
During a penetration test you may find yourself in a situation where your foothold in the network is tenuous and you need to establish persistence, such as when your only foothold is on a workstation, the end of the day is quickly approaching, and the user may shut down their system. In these cases you'll likely have to save something to the hard disk, but what type of persistence ...
Footprinting the Target with Recon-ng
Thank you for dropping in for part 2 of our tutorial series on LaNMaSteR53's Recon-ng information gathering framework. Last time, we focused on the fundamentals of navigating the tool, selecting, configuring and executing modules, and understanding the output. If you came across this page first, please go back to Part 1 of the series to get a solid background on the ...
Obfuscating Launchers to Limit Detection
Last time, I provided a method for encrypting macro payloads (https://warroom.rsmus.com/encrypt-macros-bypass-sandboxes/) to prevent them from executing correctly in the event they were analyzed in a sandbox. On a somewhat related note, in this post I will discuss another method which can help ensure your payload makes it successfully to your target: obfuscation. First, ...
Pivot, Exploit, Death by Firewall
Another scenario that is getting all too familiar: it is another day in the office. The external penetration test is going as planned. You broke into the internal network and you have transports in place. You just need that last trophy before you can call it a day! You finally find the system where it is stored. You prep for the attack and check to make sure everything is set up ...
Customizing King Phisher Using Plugins
With the ability to write your own plugins for King Phisher, the possibilities for what YOU want King Phisher to do are now in your hands. In the newer release of King Phisher, the development team has incorporated the ability to add your own plugins to customize what you'd like the phishing tool to do. For example, we've started a plugin ...
Intro to OSINT
*All images in this post were found using publicly available sources and should be used for educational purposes only. One of the best things in the IT community is open source software. Open source software is software whose developers make the source code publicly available, allowing anyone to read and modify the code. This has ...
Build Your Own Pentest Pi
Raspberry Pis are really a thing of beauty. They're extremely versatile and can perform multiple tasks in spite of their small size and low power draw. I currently own three! One is currently serving as a Kodi media server at home, and the second is a portable media server for my daughter. I most recently acquired a Pi 2. The Raspberry Pi 2 debuted last month and sports new hardware ...