Tag Archives: Penetration Testing

Testing Tor Hidden Services With Burp Pro

by Runa A. Sandvik “On February 15, Dafydd Stuttard announced the release of Burp Suite v1.5.05. This release contains a number of feature enhancements and bugfixes, including an extension to the SOCKS proxy support which allows users to specify that all DNS lookups should be done remotely via the proxy. This means that it is possible to test… Read More »

Running Code From A Non-Elevated Account At Any Time

Source: Thoughts on Security blog “You may have found yourself in a situation where you have access to a system through a limited user account, or could not or did not want to bypass UAC (AlwaysOn setting for example) and you needed to continue running code even when the account logged off and/or the system rebooted (and even… Read More »

Finding Simple AV Signatures with PowerShell

Source: obscuresecurity.blogpost.com In this article “As a penetration tester, one of the best methods of dealing with antivirus products is to avoid them all together. Most AV products work by analyzing binaries that have been written to the disk. If you don’t write a PE (i.e. exe, dll, etc…) to the hard drive, you don’t have to worry… Read More »

Microsoft Assessment and Planning (MAP) Toolkit

Source: Microsoft Solution Accelerators The Microsoft Assessment and Planning (MAP) Toolkit is an agentless inventory, assessment, and reporting tool that can securely assess IT environments for various platform migrations—including Windows 8, Windows 7, Office 2010 and Office 365, Windows Server 2012 and Windows 2008 R2, SQL Server 2012, Hyper-V, Microsoft Private Cloud Fast Track, and Windows Azure. Download… Read More »

Use PowerShell to Security Test SQL Server and SharePoint

Source: MS Hey, Scripting Guy by Ed Wilson In this article “Penetration testing is an important part of improving security in any network environment. A hacker only needs to find a few weaknesses (even one) to compromise important IT systems. An important task for an IT administrator is to identify potential weaknesses and mitigate them. Penetrating systems is… Read More »