Player FMアプリでオフラインにしPlayer FMう!
7MS #475: Tales of Internal Network Pentest Pwnage - Part 27
Manage episode 297032749 series 1288763
Yeahhhhhh! Today's another fun tale of pentest pwnage, including:
The importance of starting your pentest with an AD account that actually has access to...ya know...stuff
The importance of starting your pentest plugged into a network that actually has...you know...systems connected to it!
This BHIS article is awesome for finding treasures in SMB shares
PowerUpSQL audits are a powerful way to get pwnage on a pentest - check out this presentation for some practical how-to advice
IPMI/BMCs often have weak creds and/or auth bypasses so don't forget to check for them. Rapid7 has a slick blog on the topic.
Don't forget to check for vulnerable VMWare versions because some of them have major vulnerabilities
620 つのエピソード
Manage episode 297032749 series 1288763
Yeahhhhhh! Today's another fun tale of pentest pwnage, including:
The importance of starting your pentest with an AD account that actually has access to...ya know...stuff
The importance of starting your pentest plugged into a network that actually has...you know...systems connected to it!
This BHIS article is awesome for finding treasures in SMB shares
PowerUpSQL audits are a powerful way to get pwnage on a pentest - check out this presentation for some practical how-to advice
IPMI/BMCs often have weak creds and/or auth bypasses so don't forget to check for them. Rapid7 has a slick blog on the topic.
Don't forget to check for vulnerable VMWare versions because some of them have major vulnerabilities
620 つのエピソード
すべてのエピソード
×プレーヤーFMへようこそ!
Player FMは今からすぐに楽しめるために高品質のポッドキャストをウェブでスキャンしています。 これは最高のポッドキャストアプリで、Android、iPhone、そしてWebで動作します。 全ての端末で購読を同期するためにサインアップしてください。