Month: January 2013

WinPhone 7: Fiddler Setup

One of the many tasks on any penetration tester’s to-do list is to set up a web proxy for debugging applications.  Doing this for the normal browser to server architecture is fairly straight forward.  Setting up the proxy for a web browser is pretty straight forward.  Unfortunately, when we start getting out of the browser …

WinPhone 7: Fiddler SetupRead More »

Finding the Leaks

One of the common vulnerabilities we find when performing internal network penetration testing is sensitive data on open SMB file shares.  Now, by “open” I am including both unauthenticated as well as file shares that allow any authenticated user.  It certainly makes sense for organizations to have file shares that are accessible to all employees …

Finding the LeaksRead More »

Scroll to Top