Did you know you can interact with LDAP using cURL? How about NTLM, proxy tunneling, or domain sockets?
A deep dive into some less common and advanced features of cURL, including sending POST requests with a payload file, uploading files to a server, exploiting Spring4Shell, and exploiting SQL injection vulnerabilities using cURL.
Resources
Blog
Blog
Keep up to date with the latest offensive security news, knowledge, and resources.
Self-hosted Microsoft services, such as Exchange and Skype for Business, are ideal targets for password spraying attacks. Learn more about how these threats work and how to protect your business.
Exploiting several Top 10 risks using the Damn Vulnerable Web Application (DVWA), as it’s expressly configured to highlight sub-optimal cybersecurity practices relevant to modern web applications.
Offensive operations require evasion techniques to bypass security controls. Testers will often find that their attacks against web applications, Office 365, and other external endpoints are quickly blocked. Read our guide outlining the tools we use here at Sprocket to help us effectively attack our client's infrastructure including Fireprox, proxybroker2 and http-proxy-ipv6-pool.
Learn penetration testing best practices from industry pros to prevent breaches, reduce exposure, and keep your digital assets secure.
Vulnerability management can be an overwhelming task with so many new vulnerabilities identified each year. Learn about the top vulnerabilities of 2022, which should be at the top of your patch priority list.
