Any system that is used to share files across a network can be incredibly valuable to a penetration tester. From finding usernames and passwords, to identifying configuration files that give insight into device configuration, file sharing protocols are potential...
During a penetration test, it is possible to come across networks that you know exist but just can’t reach directly. When that happens, testers need a way to pivot into these networks and keep the assessment moving. In these situations, it is important to...
When someone types a website address into their browser, they probably don’t think about what happens in the background. But for a pentester, understanding that process is key. DNS (Domain Name System) is what makes the internet usable. Instead of remembering IP...
Let’s break down what SQL injection is, how attackers use it to access data, and why it’s still a major issue, despite being one of the oldest vulnerabilities around. First things first, what is SQL injection? At its simplest, SQL injection is a way for attackers to...
Nmap is one of the best network mapping tools out there. This guide will explain how to use Nmap to identify machines and services available in a network. What is Nmap? Nmap is a free and open-source tool that can be used by network and system administrators and...
