Previously, I wrote a post providing a brief introduction to Laudanum. If you haven’t read it, or don’t know what Laudanum is, I encourage you to read that post first (don’t worry, it is fairly short). In this post, I am going to take a look at how Laudanum can be used. Specifically, I am …
As a security consultant, there are so many scenarios that I run into every day that there is no one tool or script that solves every problem. The best consultants have the know-how to understand which tool to use in which scenario. Imagine if during a penetration test I used SQLMap to look for CSRF …
Beware of the Unknown IT Grunt I decided to continue on with the same theme as Kevin’s post about the delivery guy. Secure Ideas was recently asked to do a couple of physical penetration tests and I was assigned to both. I must confess that physical penetration tests cause the adrenaline to kick in and …
One of the many tasks on any penetration tester’s to-do list is to set up a web proxy for debugging applications. Doing this for the normal browser to server architecture is fairly straight forward. Setting up the proxy for a web browser is pretty straight forward. Unfortunately, when we start getting out of the browser …
One of the common vulnerabilities we find when performing internal network penetration testing is sensitive data on open SMB file shares. Now, by “open” I am including both unauthenticated as well as file shares that allow any authenticated user. It certainly makes sense for organizations to have file shares that are accessible to all employees …
This post is part of our Professionally Evil series of posts that discuss some of the experiences we have had as Security Consultants. In Kevin’s previous post he talked about his experience doing a physical penetration test as a delivery guy. In this post, I want to take a moment to highlight how my job …