Welcome to Part 2 of this 2-part blog series looking at the details of exploring and validating an exploit! If you liked this series, I bet you’d be interested in our webinar on How to Think Like A Hacker, check it out! Now on to Part 2: Taking it to the Next...
A Study in Exploit Development: Easychat SEH exploit A typical penetration test involves automated compliance scanning to identify vulnerabilities, followed by a more manual testing process where the tester attempts to validate and exploit those vulnerabilities. Many...
How I hacked the Avaya system during penetration testing? Whenever I see Avaya servers during a penetration test, I know pwnage is coming. Hacking Avaya systems is consistently easy to do. It is not Avaya’s software that is the problem, per se. Rather, companies...
In the first and second parts of this red team penetration testing blog, I described how armed with minimal knowledge of a company, I was able to root the entire domain. Anything goes in red team penetration testing, and I went all the way. After a few days of...
In Part 1 of this series, I outlined how during this recent red team test at Anitian, I broke into a client’s network. I researched the company’s employees, conducted a phishing test, obtained information about employees on vacation, and ultimately impersonated...
Penetration testing is a valuable part of a security program. At Anitian, we offer a wide array of penetration tests: internal, external, social engineering, web application, API testing, and so forth. Typically, clients hire us for one or two of these tests. On their...