Recon

How-To, Informational, InfoSec 201, Phishing, Recon, Red Team, Red Team Tools Domain Categorization, DomCat, Expired Domains, William Oldert

DomCat: A Domain Categorization Tool

DomCat is a command-line tool written in Golang that helps the user find expired domains with desirable categorizations.

Read the entire post here

How-To, Informational, Physical, Recon, Sean Verity, Wireless aircrack-ng, airodump-ng

Hunt for Weak Spots in Your Wireless Network with Airodump-ng from the Aircrack-ng Suite

In this blog, I’m going to walk you through how to get started with airodump-ng and some of the techniques that you can use to home in on access points of interest.

Read the entire post here

Chris Sullo', General InfoSec Tips & Tricks, How-To, Informational, Recon, Web App

How to Use Dirsearch

Dirsearch is an open-source multi-threaded “web path discovery” tool first released in 2014. The program, written in Python, is similar to other tools such as Dirbuster or Gobuster, and aims to quickly find hidden content on web sites.

Read the entire post here

Informational, Kevin Klingbile, Recon, Webcasts Azure Cloud, Cloud Enum, Cred Master, Graph Runner, M365, Pen Testing, Webcast Wrap-Up

Reconnaissance: Azure Cloud w/ Kevin Klingbile

This webcast was originally published on September 26, 2024. In this video, Kevin Klingbile from Black Hills Information Security discusses the intricacies of Azure Cloud services and M365, focusing on […]

Read the entire post here

Cameron Cartier, General InfoSec Tips & Tricks, Informational, InfoSec 101, Recon, Wireless Kismet, wifi

Ghost in the Wireless: An introduction to Airspace Analysis with Kismet 

This is the first installment in a series of blogs relating to practical analysis of wireless communications: what they are, how they work, and how they can be attacked. In […]

Read the entire post here

How-To, Informational, Michael Allen, Recon, Red Team, Red Team Tools, Web App

Introducing SlackEnum: A User Enumeration Tool for Slack

Recently, as part of our ANTISOC Continuous Penetration Testing (CPT) service, I had an opportunity to investigate how attackers can leverage Slack in cyber-attacks, similar to how we frequently use […]

Read the entire post here

Recon, Serena DiPenti

Shenetworks Recommends: Using Nmap Like a Pro 

shenetworks // One day at work I received a case stating a client couldn’t connect to the management interface of a new server. I asked the client to change the […]

Read the entire post here

Alyssa Snow, External/Internal, General InfoSec Tips & Tricks, How-To, Informational, Recon, Web App

Gowitness, a Tester’s Time Saver

Alyssa Snow // During an external or internal network penetration test, it can be challenging to comb through each web server in scope to find the juicy stuff. During a […]

Read the entire post here

Daniel Pizarro, External/Internal, General InfoSec Tips & Tricks, Informational, LLMNR, Password Cracking, Password Spray, Recon, Red Team, Red Team Tools, Web App Cybersecurity Certification, PNPT

PNPT: Certification Review

Daniel Pizarro // What is the PNPT?  The Practical Network Penetration Tester (PNPT), created by TCM Security (TCMS), is a 5-day ethical hacking certification exam that assesses a pentester’s ability […]

Read the entire post here