Recon

Author, Dale Hobbs, External/Internal, How-To, Informational, InfoSec 201, Recon Community Strings, Default, SNMP

SNMP… Strings Attached!

Dale Hobbs // One thing that I almost always find when performing an internal network penetration test is Simple Network Management Protocol (SNMP) configured with default community strings. Simple Network […]

Read the entire post here

Blue Team, Carrie Roberts, General InfoSec Tips & Tricks, Informational, InfoSec 101, Recon, Red Team

New PowerShell History Defense Evasion Technique

Carrie Roberts // PowerShell incorporates the handy feature of writing commands executed to a file to make them easy to refer back to later. This functionality is provided by the […]

Read the entire post here

00421_12042019_CollectingUserInfoLinkedIn

Author, Finding, General InfoSec Tips & Tricks, How-To, Informational, InfoSec 101, Justin Angel, Phishing, Recon, Red Team, Red Team Tools Justin Angel, LinkedIn, Parsuite, Peasant, SendGrid

Collecting and Crafting User Information from LinkedIn

Justin Angel // Penetration testing and red team engagements often require operators to collect user information from various sources that can then be translated into inputs to support social engineering […]

Read the entire post here

Author, Brian King, How-To, Informational, Recon Brian King, Recon-ng

What’s Changed in Recon-ng 5.x

Brian King // Recon-ng had a major update in June 2019, from 4.9.6 to 5.0.0. This post is meant to help with the adjustment by providing a cheat sheet for […]

Read the entire post here

Author, Blue Team, DNSTAP, How-To, Informational, Joff Thyer, Recon, Red Team BIND, DNS, DNSTAP, Farsight Security, Joff Thyer, Logging, Paul Vixie

Tap Into Your Valuable DNS Data

Joff Thyer // The Domain Name System (DNS) is the single most important protocol on the Internet. The distributed architecture of DNS name servers and resolvers has resulted in a […]

Read the entire post here

00387_05112019_PODCAST_Weaponizing_Intel

Author, Beau Bullock, Mike Felch, Password Spray, Phishing, Podcasts, Recon, Red Team, Red Team Tools, Social Engineering Beau Bullock, Demos, FireProx, Mike Felch, PII, recon, Social Media, Social Trust Attack, tools

Podcast: Weaponizing Corporate Intel. This Time, It’s Personal!

Beau Bullock & Mike Felch// Strategically targeting a corporation requires deep knowledge of their technologies and employees. Successfully compromising an organization can depend on the quality of reconnaissance a tester […]

Podcast: Play in new window | Download

Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS

Read the entire post here

Author, Beau Bullock, How-To, Mike Felch, Phishing, Recon, Red Team, Red Team Tools, Social Engineering, Webcasts Beau Bullock, Demos, FireProx, Mike Felch, PII, recon, Social Media, Social Trust Attack, tools

Webcast: Weaponizing Corporate Intel. This Time, It’s Personal!

Read the entire post here

Author, C2, External/Internal, How-To, Informational, Jordan Drysdale, Kent Ickler, LLMNR, Password Cracking, Password Spray, Phishing, Recon, Red Team, Red Team Tools, Webcasts Attack Tactics, crackmapexec, Ethical Hacking, HTA, john strand, Jordan Drysdale, Kent Ickler, LLMNR, MailSniper, Password cracking, password spraying, pen-testing, phishing

Webcast: Attack Tactics 5 – Zero to Hero Attack

Timecode links take you to YouTube: 4:11 – Infrastructure & Background8:28 – Overview & Breakdown of Attack Methodology and Plans11:35 – Start of Attack (Gaining Access), Password Spraying Toolkit15:24 – […]

Read the entire post here

How-To, Password Spray, Recon, Red Team, Red Team Tools InSpy, password spraying, recon, recon tool, red team tools

I Spy with InSpy v3.0

Darin Roberts// Early in 2018 I wrote a blog about InSpy. InSpy is a great reconnaissance tool that gathers usernames from LinkedIn. My first blog can be found here. A […]

Read the entire post here

1 2