For research purposes, I have setup a Security Onion Virtual
Continue readingPulling Credentials from a VMware Snapshot with Volatility
Volatility is a memory analysis tool used to perform digital
Continue readingVolume Shadow Service (VSS) and Pentesting
This is pretty cool from a post exploitation and a
Continue readingPassword Spraying on Windows
Let’s say you gain access to a Windows machine and
Continue readingTesting Role-based Access Controls with Burp Compare Site Maps
When testing a web application with multiple roles, a common
Continue readingFile Transfer and cmd.exe with MSPaint
Let’s pretend you are on a locked down environment, and
Continue readingNmap Probing, Service Detection, and NSE Overview
Since Nmap is probably the most widely used port scanner
Continue readingCookie Theft with Cross-site Scripting (XSS)
Simple proof on concept stealing cookies on a page vulnerable to
Continue readingCIS AWS Benchmark Script
Recently (2-29-2016) the Center for Internet Security (CIS) came out
Continue readingMan-in-the-Middle SMB Hash Capture with Ettercap and Metasploit
Today, I’ll show you how to leverage that MitM position
Continue reading