In one of our previous posts, we noted that a popular tool – Responder – uses Basic Authentication prompts to harvest user credentials when they
Category: Misc
Other
Going further with Responder’s Basic Authentication
There are a good number of situations when we find ourselves abusing the LLMNR and NBT-NS protocols on an infrastructure penetration test, more specifically on
Exploiting Timed Based RCE
In a recent penetration testing project we encountered a situation where in order to prove exploitability and possible damage we had to exfiltrate data from
Penetration Testing in IT/ Security Assurance Projects
There are various cases when during an IT/ security assurance projects there are specific requirements to rely on penetration testing projects/ reports completed by a
My experience with the OSCP certification
Hi there, Probably you’re here because you’re interested in obtaining the OSCP certification. Smart decision, good for you! Or maybe you are interested in obtaining a
Defcamp 2015
At the end of November, between 19 and 20, we will be present at Defcamp 2015 Information Security conference. Adrian Furtuna, Technical Manager at KPMG