2 October 2019
As networks and computing systems have become more secure through the evolution of next generation firewalls, intrusion prevention systems (IPS), and endpoint security, attackers have shifted their focus. Web applications, mobile devices and apps, IoT (Internet of Things), wireless networks and the human element via social engineering have become more attractive targets for threat actors. Each of these targets are large enough subjects for books themselves, but in this article series we are going to focus on wireless network attacks. Although there are numerous types of wireless technologies such as Bluetooth, LTE and NFC, this series will cover wireless networks or WLANs (Wireless Local Area Network) using WiFi technology. In this four-part series on wireless pentesting we are going to discuss the following;
- Part 1 – An Overview
- Part 2 – Building a Rig
- Part 3 – Common Wireless Attacks
- Part 4 – Performing an Actual Wireless Pentest
22 July 2019
Typically during penetration tests, scanners are used to detect vulnerabilities. Sometimes security professionals may want to go undetected to test the response of the blue team (aka defensive security) and the security controls of an organization. However, vulnerability scanners are quickly detected due to the amount of network traffic generated by these tools. There are also times that standard, automated scans may miss vulnerabilities. To solve for these issues, manual vulnerability testing is required. Vulnerability scanners should always be used during pentests to ensure that you detect the easy-to-find vulnerabilities quickly and more efficiently, but manual testing should also be done alongside regular scans. Manual vulnerability detection takes more effort and knowledge, but it is a much-needed skill for the advanced pentester. This article will show you how!