Attacking Exchange with MailSniper
Beau Bullock // I’ve added in a few modules to MailSniper that will assist in remote attacks against organizations that are hosting an externally facing Exchange server (OWA or EWS). Specifically, […]
Beau Bullock // I’ve added in a few modules to MailSniper that will assist in remote attacks against organizations that are hosting an externally facing Exchange server (OWA or EWS). Specifically, […]
Beau Bullock // TL;DR MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It […]
Guest post* by Robert Schwass // We’ve all been there. You craft the perfect phishing email, register a great domain name, your multi handler is set up ever so perfectly. And […]
Carrie Roberts // Update 10/03/16: Want to download the address book automatically with PowerShell? Check out Beau Bullocks latest additions to MailSniper As part of a penetration test, you’ve gained access […]
Sally Vandeven // I found myself with a little extra time one day (and I didn’t tell my project manager) so I thought it would be a great time to […]
Brian Fehrman (With shout outs to: Kelsey Bellew, Beau Bullock) // In a previous blog post, we talked about bypassing AV and Application Whitelisting by using a method developed by Casey Smith. In […]
Luke Baggett // If you’re monitoring a network with internet access, it’s almost inevitable that you’re going to see a lot of traffic to and from Google servers. Blending in […]
In this webcast we walked through the current super cool crop of MITM tools. We looked at Bettercap, MITMf and discussed LLMNR and WPAD poisoning attacks. Also, this was a new […]
Beau Bullock // TL;DR I compared three single-board computers (SBC) against each other with a specific goal of finding which one would serve best as a “penetration testing dropbox”, and […]