Apple iOS 13 Device Setup for Penetration Testing
[HERE’S A COMPANION POST ON SETTING UP AN ANDROID DEVICE FOR PENETRATION TESTING] One of the initial challenges of performing an iOS mobile application penetration test is getting a suitable […]
Blog
Alternative Execution: A Macro Saga (part 3)
In the last few blogs in this series (part 1 & part 2) we worked through scenarios making use of the ActiveX controls InkPicture and WMPlayer to trigger macro execution. […]
Simple Security Fails (part 1) – The Directory Listing
Overview While performing security tests against web applications or network infrastructures, I often come across web servers with directory listing enabled. What is directory listing you say? “Web servers can […]
Alternative Execution: A Macro Saga (part 2)
In the previous blog in this series, we worked through a scenario making use of the ActiveX control InkPicture to trigger macro execution. Macro execution utilizing the InkPicture object can […]
Alternative Execution: A Macro Saga (part 1)
This is the first in a series of blogs – if you’re interested in reading the full series the links are here: part 1, part 2, part 3, part 4, […]
DotNetToJScript – Redux
In my previous several blog posts (here, here, and here) we covered usage of a really interesting tool released about three years ago: the DotNetToJScript project (https://github.com/tyranid/DotNetToJScript). Although it’s been […]
Android 10 Device Setup for Penetration Testing
One of the initial challenges of performing an Android mobile application penetration test is getting a suitable test environment setup. One of the easiest ways to do that is to […]
Advanced TTPs – DotNetToJScript – Part 3
In our last blog we walked through modifying the UnmanagedPowerShell project to produce a version of PowerShellRunner that’s compatible with DotNetToJScript. The end goal in that blog was to execute […]
Advanced TTPs – DotNetToJScript – Part 2
Last time we went through an overview of the awesome DotNetToJScript project, and why you should be interested in it for your Red/Purple Team testing. In this blog we’ll cover […]
Service Fingerprinting Through External Interaction-Part 2
External Service Interaction through DNS or HTTP is one way to identify out-of-band server interaction vulnerabilities (issues where the server will respond to something other than your testing computer). This […]