-
24772433 replied to the topic OG150 Pentest Drop Box in the forum Hardware 8 years ago
Just had a look at pwnpi. I think I’ll order raspberry pi, instead! Thanks.
-
24772433 replied to the topic Mobile Phone Scanning in the forum Mobile 8 years ago
Just to clarify, if the phone is switched off, it will still emit a RF signal and be detected by the scanner. SOP is to remove the phone’s battery to prevent detection.
-
24772433 replied to the topic Am I too old for a career change into security? in the forum Career Central 8 years ago
It’s definately not too late. 28 is young! I was 30 when I took the transition from soldier in the British Army to IT Systems Admin – I didn’t do IT in the army!
From the sounds of it your’re on the right track. Most definitely concentrate on Web Application testing. Also, get signed up for the PWB/OSCP course too. It’s worth the…[Read more]
-
24772433 replied to the topic Evading Anti-virus Detection with Metasploit – Live Webcast in the forum Network Pen Testing 8 years, 2 months ago
I got the confirmation emails through fine but I messed up on my mental arithmetic! I put GMT ahead of EST by 6 hours instead of 5, so I only caught the Q&A session at the end of the webinar! To rub salt into the wound, one of the comments on chat was about how the presentation was the best from Rapid7 ever! 😀
-
24772433 replied to the topic Approved Scanning Vendor – PCI in the forum Compliance, Regulations & Standards 8 years, 2 months ago
Thanks for the replies, guys. All very helpful.
-
24772433 replied to the topic Where are you from? in the forum Other 8 years, 3 months ago
Worcestershire, Great Britain.
-
24772433 replied to the topic Prince William IT Security Issue! in the forum Other 8 years, 4 months ago
Having used the UK Ministry of Defence DII systems I know just how unmanageable the whole thing is. I had to write down my password(s)Â too – and I should know better!
-
24772433 replied to the topic The guy suing companies for using SSL/TLS in the forum News from the Outside World 8 years, 5 months ago
Echoes of British Telecom’s frivolous Hyperlink Patent lawsuit from 2002! BT lost that one, not surprisingly!
-
24772433 replied to the topic Thanks EH-Net! (A success story) in the forum Career Central 8 years, 6 months ago
^^like^^
Congrats! Who’s the new outfit?
-
24772433 replied to the topic Mobile Phone Scanning in the forum Mobile 8 years, 6 months ago
I was at a UK millitary establishment in Wiltshire last year and given the nature of their work ALL mobile (cellular) phones are prohibited and have to be checked in at Security. To enforce the policy they used scanners which will detect phones, even when switched off as they will still emit RF (unless the battery is removed).
I don’t know the…[Read more]
-
24772433 replied to the topic de-ice.net in the forum Tools 8 years, 7 months ago
The subnet should be 192.168.1.x. You would be advised to set the NIC for both guests to Custom – vmnet2. The de-ice distros set their own IP address. The clue to what that is is in the name, e.g. ‘de-ice 1.100’ which would be 192.168.1.100.
Set your Backtrack VM to the same subnet and you will see the de-ice VM.
If you still can’t see the vm…[Read more]
-
24772433 replied to the topic Violating ISP AUP?? in the forum Network Pen Testing 8 years, 8 months ago
Andrew, who would you recommend for buisness grade broadband in the UK?
Steve.
-
24772433 replied to the topic ms03_026_dcom help please in the forum Tutorials 8 years, 10 months ago
As mentioned, it’s an old exploit and since patched. You could try seeing if kb823980 is installed separately in Add Remove programs and uninstall. This will work.
-
24772433 replied to the topic ms03_026_dcom help please in the forum Tutorials 8 years, 10 months ago
The RHOST IP should be the victim machine’s IP ie x.x.x.67. RHOST is remote host, not local.
Steve.
-
24772433 replied to the topic The Use of Buffer Overflow Exploits During Pentests in the forum Network Pen Testing 8 years, 11 months ago
In posing the question I’m very much playing Devil’s Advocate. I do value the benefit of going beyond a simple vulnerability assessment and looking to demonstrate an exploit.
I do agree, it’s a balance between business continuity and exposure to risk. A malicious hacker won’t care less if the server blue-screens, other than maybe attracting…[Read more]
-
24772433 replied to the topic Feeling rejected and dont know what to do. in the forum Career Central 8 years, 12 months ago
Jamie,
I saw this today. A London based security company looking for a Junior Pentester:
http://www.theitjobboard.co.uk/?Mode=AdvertView&AdvertId=8540714&SearchTerms=Penetration+Tester&LocationSearchTerms=UK&JobTypeFilter=0&xc=1&utm_source=jbe&utm_medium=email&utm_campaign=jbe&lang=Steve.
-
24772433 replied to the topic [Article]-A Rant About Hacking Labs in the forum Opinions 9 years, 1 month ago
There are some very interesting comments from a thought provoking article.
The increase of virtualisation in corporate networks and the growth of cloud based services provide challenges to the security community to adapt to these changes. Server virtualisation is now commonplace and so too will be desktop virtualisation, along with switch…[Read more]
-
24772433 replied to the topic Pen Testing Windows in the forum Network Pen Testing 9 years, 3 months ago
If you want to tinker with AD for free Microsoft have quite a few pre-configured VHDs for Microsoft Virtual Server.Â
http://technet.microsoft.com/en-us/bb738372
I’ve used these in the past, mainly the Exchange servers for evaluation and testing. With the standalone 2008/2003 servers you can easily create an AD environment just by running the…[Read more]
-
24772433 replied to the topic a question about metasploit in the forum Tutorials 9 years, 5 months ago
@midnight monster wrote:
oh steve are you kiding!! it has hundred compatible payload and it takes a lot of time for me
OK. What is the server OS and vulnerability? If it’s Windows then Meterpereter (as mentioned by BILLV) is always a favorite of mine.
Steve
-
24772433 replied to the topic OSCP N00b Question in the forum OSCP – Offensive Security Certified Professional 9 years, 5 months ago
A couple of hiccups with receiving emails but I got registered and handed over £480 once I was happy with the VPN connection to the labs.
Due to start the course on Sunday 20th November. Looking forward to it!
Steve.
- Load More