Technical

After initially accessing an internal network during a penetration test, you need to find out what the Active Directory (AD) infrastructure looks like. Here, we’re going to examine methods for this process from both Windows and Linux, so you have an approach in your back pocket that fits your needs.

Given how often we see this tactic used, we’re going to break down the basics. We want to help you understand how password spraying works, along with some effective steps you can take to prevent it from being used against your organization. What is password spraying?

Recently, one of the most significant Microsoft Windows vulnerabilities since Eternal Blue (MS17-010) was brought to light. We’re going to show you how to exploit it during a pentest.

When we launch continuous penetration testing in a new network, we don't want to raise suspicion of our presence. For one reason, we may be able to get credentials without doing anything intrusive at all. To do it, we use packet captures and some external tooling. Below, we’ll break down how to do it, along with a few of our favorite...

In this article I show you how to create small containers that use up to date tools. By default, the Golang Docker container at its smallest is 123 MB. While seemingly small, this can result in annoying latency and slowness when deploying new tooling at scale...

This is part 3 in a series about managing dropboxes for internal penetration testing. This part is all about provisioning a dropbox to be used with our OpenVPN server that we setup in [part 2](/resources/penetration-testing-dropbox-setup-part2). Follow this tutorial whenever you need to build a dropbox for a client.