Did you know that there are over 350 post exploitation modules in the current Metasploit Framework version that comes pre-installed on the Kali Linux? How many of them do you use during your penetration testing activities? If you are like me, chances are that you might be using only a handful of them. Well, hopefully […]
Post Exploitation Metasploit Modules (Reference) Read More »
Let me ask you a question: If big corporations, businesses and organizations around the world have SOC (Security Operations Center) monitoring their networks 24/7/365, how is it possible that data breaches still happen? How is it possible that adversaries (APT groups, cyber criminals etc.) break their perimeter and exploit weaknesses in their networks, undetected? In
Security Operations Center: Challenges of SOC Teams Read More »
In this guide we will go through Cisco password types that can be found in Cisco IOS-based network devices. We will cover all common Cisco password types (0, 4, 5, 7, 8 and 9) and provide instructions on how to decrypt them or crack them using popular open-source password crackers such as John the Ripper
Cisco Password Cracking and Decrypting Guide Read More »
During penetration tests, attackers often times gain access to various administrative interfaces and management consoles. These interfaces can consequently contain credentials for other systems in the network, as they are integrated together. Credentials are of course very valuable for every penetration tester, however they are typically hidden under dots and cannot be just simply copied.
Reveal Passwords from Administrative Interfaces Read More »
When it comes to security, Tenable products and their Nessus Professional vulnerability scanner belong to the top preferred choices today by many leading companies and security professionals. This article provides closer look and discusses some of the key aspects and reasons why Nessus is so popular in the security industry. Let’s dive right into it.
Detailed Overview of Nessus Professional Read More »
