-
blueaxis replied to the topic PWB/OSCP course related question in the forum OSCP – Offensive Security Certified Professional 8 years, 9 months ago
Thanks very much!
-
blueaxis replied to the topic PWB/OSCP course related question in the forum OSCP – Offensive Security Certified Professional 8 years, 9 months ago
Thanks for sharing your views. I have seen people using the term “Low Hanging Fruit”. Any tips how to identify these?
-
blueaxis replied to the topic PWB/OSCP course related question in the forum OSCP – Offensive Security Certified Professional 8 years, 9 months ago
Thanks for posting your inputs. I like your views on the port 80 stuff.
-
blueaxis replied to the topic Any Encryption related courses? in the forum Network Pen Testing 8 years, 11 months ago
Your recommendations look solid – no doubt. I was envisioning something like Encryption/Decryption as a course that covers all widely implemented platforms into one umbrella. You know there is cost factor too 🙂
-
blueaxis replied to the topic Need suggestions buying a laptop for security testing in the forum Hardware 9 years, 1 month ago
Thanks all for your inputs. Looks like the ballpark figure is around $1200 – $1500.
-
blueaxis replied to the topic Planning a NMAP Scan in the forum Network Pen Testing 9 years, 3 months ago
MeXe – Thank you very much for your inputs. So it appears the following strategy would be a good start.
1. Pick a host, scan for all TCP ports. Of course with timing options enabled.
2. Repeat step 1 for all the remaining hosts.
3. Pick a host, scan for all UDP ports.
4. Repeat step 3 for all the remaining hosts.
5. Selectively run -sV after…[Read more] -
blueaxis replied to the topic Planning a NMAP Scan in the forum Network Pen Testing 9 years, 3 months ago
Thanks members! Guess will have to do some reading on nmap performance.
Would you prefer to do the scans in little pieces and store the output in database? OR would you prefer greppable output format in text files like say per IP or something…
-
blueaxis replied to the topic nmap output interpretation? in the forum Network Pen Testing 9 years, 3 months ago
Some more updates on this.
This time I made sure wireshark is enabled while performing the nmap scan, to my strangeness 192.168.xx.0 doesn’t show up in the capture. It’s however displayed in the nmap output.
I will try it couple more times today and see if I can spot anything.
-
blueaxis replied to the topic nmap output interpretation? in the forum Network Pen Testing 9 years, 3 months ago
It appears that “.0” address would be a broadcast address. Feel free to correct me if that isn’t the case.
-
blueaxis replied to the topic Question with SNMP Enumeration in the forum Network Pen Testing 9 years, 3 months ago
I tried v2c but again the result was same as v1. It was inconsistent with the other tool I mentioned. I haven’t tried version 3 so that’s something I should poke around.
-
blueaxis replied to the topic nmap output interpretation? in the forum Network Pen Testing 9 years, 3 months ago
Thanks everyone for your advise. I did try the verbose option.
It appears nmap is scanning 192.168.xx.0 ip address multiple times. I didn’t ask nmap to scan that host by the way. Not sure if that is the default behavior.
-
blueaxis replied to the topic Enumeration based on IP address range in the forum Network Pen Testing 9 years, 3 months ago
Thank you! Will try these.
-
blueaxis replied to the topic Enumeration based on IP address range in the forum Network Pen Testing 9 years, 3 months ago
Right these are all internal lab network ip addresses 192.168.*.*
-
blueaxis replied to the topic Enumeration based on IP address range in the forum Network Pen Testing 9 years, 3 months ago
Thanks all for your suggestions. Sorry I forgot to mention these are all non-routable addresses. My goal is to make sure I complete the necessary information gathering before firing up nmap.
it appears tools like firece and reverseraider would help but i don’t know what domain name to provide (as input) to these tools. so basically i have ip’s…[Read more]
-
blueaxis replied to the topic Question – Pen Testing Automation Scripts in the forum Network Pen Testing 9 years, 4 months ago
Thank you so much. Looks like a site to be bookmarked 🙂
-
blueaxis replied to the topic Question on forensic investigation of core switches in the forum Forensics 9 years, 4 months ago
I am curious to know how the switch port mapppers work internally. I did some google search but couldn’t really find much on how they work. Do they work on wireless networks too?
-
blueaxis replied to the topic Question on forensic investigation of core switches in the forum Forensics 9 years, 4 months ago
That seems like quite a bit of task involved.
I was assuming may be the solution would be something like – looking up the DHCP server database and identifying which login/mac has been assigned that particular ip. Do you have any thoughts if that approach is possible?
-
blueaxis replied to the topic Question on real world pen testing in the forum Network Pen Testing 9 years, 4 months ago
Very interesting perspectives. Thanks for sharing them. When you say orgs are weak from inside – do you mean network layer or application layer?
-
blueaxis replied to the topic Tools for analyzing cookies stored on locally? in the forum Web Applications 9 years, 4 months ago
Thanks for the responses – I will work on your suggestions.
-
blueaxis replied to the topic Need help with NULL User Session IPC$ in the forum Network Pen Testing 9 years, 4 months ago
Does RFC’s provide a good reference point?
- Load More