Penetration Testing – discussing exploits, vulnerabilities, fixes and tools
Here I will be discussing exploits, vulnerabilities, fixes and tools dedicated to the two areas of personal interest to me within penetration testing. Infrastructure and Web Application Testing.
- The Shadow Brokers dump – Eternalblue, DoublePulsar – Hello SYSTEM!
- Linux Host Enumeration (Authenticated Post-Exploitation)
- Searching for password files in PowerShell on a Penetration test!
- Conducting a PowerShell Port Scan – Post Exploitation
- PowerShell Ping Sweep
- Pivoting with netsh in Windows!
- VLAN tagging in Kali Linux 2.0
- Searching for Exploits with Exploit-DB.com – Online and Offline.
- Using Python to generate all hex characters for use with writing exploit code for Buffer Overflows.
- Creating username lists.