3 min
Cybersecurity
When One Door Opens, Keep It Open: A New Tool for Physical Security Testing
We’ve come up with a neat little device that pentesters can use to recreate the thought process of attackers — and help organizations outsmart them.
2 min
This One Time on a Pen Test
This One Time on a Pen Test: CSRF to Password Reset Phishing
In the latest edition of our "This One Time on a Pen Test" series, we take a look at an engagement featuring cross-site request forgery (CSRF) attacks.
1 min
Penetration Testing
This One Time on a Pen Test: Our Accidental Win
In this blog, we recall one pen test where a placeholder password we put in actually worked with one login account.
1 min
Penetration Testing
This One Time on a Pen Test: What’s in the Box?
Here is the story of how one of our penetration testers exploited EternalBlue on a rogue access point.
2 min
Penetration Testing
This One Time on a Pen Test: Missed a Spot
In this penetration testing story, Ted Raffle discusses how even strong security controls and threat mitigation can miss the mark when only one or two systems fall through the cracks.
3 min
How to Use Metasploit Teradata Modules
As penetration testers, we often find ourselves working with applications and
services that are new to us or uncommon. In one such case, I performed an
internal network penetration test that was focused exclusively on a handful of
Teradata database servers. To test for weak passwords, I had cobbled together a
Windows batch file that would wrap username and password lists around Teradata’s
bteq application. However, one thing I wanted to do was come back sometime and
build a proper Metasploit log
4 min
Penetration Testing
Metasploit MinRID Option
We’ve added a new option to the smb_lookupsid Metasploit module
[https://www.rapid7.com/db/modules/auxiliary/scanner/smb/smb_lookupsid]. You can
now specify your starting RID.
Wait, What Does This Module Do Again?
As a penetration tester, one of the first things I try to do on an internal
network is enumerate all of the domain users so that I can perform login attacks
against them. It would be a noteworthy risk if we could do that anonymously,
because that means that any malicious actor who can