Search the Community

Showing results for tags 'evidence'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • WiFi Pineapple / Jasager
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • Mark V
    • Mark IV
    • Pineapple Modules
    • WiFi Pineapple University
    • Mark I, II, III
  • Active Projects
    • Community Projects
    • USB Rubber Ducky
    • Lan Turtle
    • SDR - Software Defined Radio
  • Hak5 Shows
    • Hak5
    • HakTip
    • Metasploit Minute
    • Threatwire
  • Community
    • Forums and Wiki
    • #Hak5
  • Other Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Found 2 results

  1. Hello, I'm working as pentester freelancer. The company that hired me has to perform annually at least one external and one internal pentest of its web application (they have an e-commerce service). They have to obey a set of compliance rules to ensure that they will keep a maturity security level. To keep this level of maturity security, an external audit company has to identify and verify if these pentests were executed. Note that this means that the external audit company does not have to know which vulnerabilities were found, but they have to be sure that tests were made. Pentests's reports that I found on the internet (from SANS, offensive security, PCI) and that I used on my previous works do not serve for this purpose. I say this because they have descriptions about vulnerabilidades, detailed evidences from their existence (with screenshots, network's captures) to prove their existence. Note that these types of reports are not what I need to generate, since I just need to generate a document proving that I executed the pentest. Would you have any suggestions for me to generate this new kind of document? Is there any auditing tool that could be used for this end? Would you suggests another approach?
  2. I personally have not dabbled with RF hacking, so please forgive any ignorance that reveals itself with this post. I recently bought a 2016 honda civic. I live in a city neighborhood and park it on the one way street that I live on. It like most cars, has a key that also allows for remote locking / arming of the alarm, and unlocking, as well as opening the trunk. Anyway, a few weeks into buying the car I started noticing my trunk would be open in the morning. At first I figured I must have accidentally hit the trunk button on the key, and started being much more careful about where I put my keys down. But it kept happening, always over night and on my street. It was not happening when I stayed over my girlfriends for weeks at a time, or anywhere else. Just when I parked it on my street. The other night 15 of my neighbors cars on my street were all broken into, with their glove compartments rifled through. 2 cars were flat out stolen, and not a single alarm had gone off. None of the cars showed evidence of forced entry.. my car was one of them. My car was parked literally right out side my bedroom window and I know I would have heard the alarm.. the interesting thing to me was that after I heard about the break ins, and rushed to check my car, I first tried clicking the lock/engage alarm button on my key.. only to find my car was not responding to it. I found my car unlocked, no evidence of tampering.. the key fob eventually started working again, only after I tried unlocking it first.. it was as if the key fob was out of sync and the rolling pin was off or something.. do you folks think my street was attacked with an SDR attack? Honda told me that my battery might be low.. trust me, its not... I tested the battery, and everything works now.. I am almost certain it wasn't working because it somehow fell out of sync.. Also would love some clever ideas on how to fuck with these petty theifs should they do it again. #karateForDefence