Articles

Bruteforcing Kerberos

Introduction: It is possible to brute-force Windows accounts directly using tools like Metasploit, with modules such as smb_login, which will target port 445 (SMB). However, it’s also possible to brute-force the Active Directory authentication protocol Kerberos directly. This can be beneficial to an attack for two reasons, the first is ...

Target Breach (2013)

Breach Summary: Target were breached in 2013. The story was initially broken by Brian Krebs in a post published on 18 December 2013 and titled “Sources: Target investigating Data Breach”[1]. This was followed up by a statement from Target announcing the breach on 19 December[16]. The Target confirmation stated the ...

TalkTalk Breach (2015)

Breach Summary: TalkTalk suffered a series of security issues in 2015. Right from the start of the year people were discussing an increased number of scam calls[1]. On 26 February 2015 TalkTalk emailed customers to inform them of a data breach in which account numbers, addresses, and phone numbers were ...

HTTP Security Headers: Content-Security-Policy

Content Security Policy (CSP) allows the application to restrict the location of resources to an allow-list of approved locations, including where scripts can be loaded from and when the application may be framed. This can therefore mitigate reflected and stored cross-site scripting attacks as well as issues such as Clickjacking. ...

Becoming a Penetration Tester

Breaking into Penetration Testing can be a daunting career move; so in this article we talked about ways you can make your first move towards a career in this industry. To be clear, this isn’t a definitive guide to the industry – it’s just our opinion on what has worked ...

Extracting Domain Hashes: Mimikatz

During Penetration Tests, a common late-stage activity is to compromise the Domain Controller and extract all account password hashes. This would allow for password cracking to be performed across all domain accounts and therefore any accounts with weak passwords to be efficiently highlighted. We previously covered how to perform incredibly ...

Implementing Sub-resource Integrity

Hosting web application content such as dynamic scripts and stylesheets on third parties such as Content Delivery Networks (CDNs) can allow for significant improvements to site performance and can reduce bandwidth costs. However, scripts included within a web application will execute within the user’s browser with the same privileges as ...

Path Traversal Cheat Sheet: Linux

Got a path/directory traversal or file disclosure vulnerability on a Linux server and need to know some interesting files to hunt for? I’ve got you covered. Know any more good files to look for? Let me know! The list included below contains absolute file paths; remember if you have a traversal ...

Path Traversal Cheat Sheet: Windows

Got a path/directory traversal or file disclosure vulnerability on a Windows server and need to know some interesting files to hunt for? I’ve got you covered. Know any more good files to look for? Let me know! The list included below contains absolute file paths; remember if you have a traversal ...
