05 Jan

Penetration Testing Tools Cheat Sheet

Introduction: Penetration testing tools cheat sheet, a quick reference high-level overview for typical penetration testing engagements. Designed as a quick reference cheat sheet providing a high-level overview of the typical commands you would run when performing a penetration test. For more in-depth information I’d recommend the man file for the tool or a more specific pen […]

03 Jan

OS fingerprinting with Metasploit

OS fingerprinting is the process of determining the operating system running on a host. Port 445 is used by the SMB protocol to provide shared access to files, printers, serial ports, and miscellaneous communications between nodes on a network. Most usage of SMB involves computers running Microsoft Windows. To check if port 445 is open, use auxiliary/scanner/portscan/syn hit enter set RHOSTS […]

05 Dec

Plundering Windows Account Info via **Authenticated** SMB Sessions

Rpcclient is Your Friend! By Ed Skoudis I absolutely adore the Server Message Block (SMB) protocol. Sure, it’s ugly and bewilderingly complex. But, what I love is the raw power SMB provides for manipulating Windows environments during a penetration test. Via SMB, you can remotely access file shares, the registry, services, domain authentication, and much […]
