browsers

Intercepting DNS

Recently during a penetration test, I discovered a Linksys WRT54G wireless router that had been installed on a customer’s network. Surprisingly, this device was accessible from the Internet with default credentials. Watching the client list, I noticed several clients connecting on & off throughout the day. We all know that this is bad, but how …

Intercepting DNS Read More »

We Can’t Rely on the Browser for Protection

 A large part of doing security consulting is providing proper mitigations and recommendations to our clients.  Sure, the testing is the exciting part, but it is the recommendations that are going to have the greatest impact on our client’s security.  It is our goal to help make the security posture better, not set a record …

We Can’t Rely on the Browser for Protection Read More »

Getting Started with BeEF: The Browser Exploitation Framework

This post is the first in a series on Getting Started with information security tools. For more posts in this series, check out the Getting Started label on this post.  BeEF, the Browser Exploitation Framework, is a testing tool designed to enable penetration testers to launch client-side attacks against target browsers. By using techniques similar …

Getting Started with BeEF: The Browser Exploitation Framework Read More »

Scroll to Top