Showing results for tags 'pen testing'.

Found 10 results

  1. I would like to know what your thoughts are on what distro to use for pen testing. Do you use Kali or build your own distro? I'm starting to learn so I use Kali.
  2. Hi all, I'm undertaking a project to determine which vulnerability scanning tools within Kali Linux are best suited for the job. There were three tools tested, and these were Nikto, Sparta and OpenVAS. The results that these scans returned when scanning Metasploitable 2 with a Kali Linux machine are as follows: Metasploitable 2: Nikto 15, Sparta 46, OpenVAS 144. These results are solely the number of vulnerabilities that were returned. OpenVAS seems to be the right choice, but I'm looking for feedback to back up these results, on whether this is accurate, or maybe whether the other tools have features that may give them an advantage over the others. Any feedback would be most welcome. Thanks.
  3. Hi all, I'm currently undertaking a project that involves exploiting a Metasploitable 2 machine and a Windows XP machine running SP3. However, the findings that I have found are that there are limited resources available when using Metasploit, as there seem to be many step-by-step guides on how to complete an exploit but not enough information regarding troubleshooting. Do you think it would be beneficial to learning to explain more about each step of an exploit in terms of what each command does, and if an exploit fails, for there to be more information available about why it fails and workarounds for how to solve such problems? For instance, when trying to exploit Windows XP with the popular ms08_067_netapi exploit, the results for my conducted test just returned "Exploit Completed, but no session was created". Any feedback regarding this would be most welcome. Thanks.
  4. I am the system admin at my organization and my director has asked me to conduct some penetration testing. Partly because he wants to make sure we are secure, and partly because I want to do it. Not sure if this is the right place to ask this, but are there any legal concerns around me doing any testing of our network and systems? Some testing would occur with internal access to the network, and some would be external attacks. I know not really a technical question, and if this goes somewhere else let me know. Thanks!
  5. Hey, I am new-ish to CTFs and have only done a few on https://www.vulnhub.com. If anyone knows of a good one to do, please leave a comment.
  6. Hey Y'all, first off, thanks for taking the time to read this. Second, I have always been interested in pen testing. I am currently studying networking and was wondering if there are any good reads and/or practice labs you would recommend on setting up for a learning tool.
  7. Let's start by saying I am a N00b compared to many of you guys/gals. When my daughter got her Galaxy S3 stolen at school, I started asking myself "What If?" There has to be an easy way to find the MAC addresses of mobile devices around you. I Googled around for an hour or so and found this link http://www.l8ntwifi.com/ . It is a new device offered by a police officer to find stolen devices by MAC address. My first thought, of course, was Jasager should be able to do this easily. What do you guys/gals think? Is there an easier way? Also... Would Jasager stop an iPhone from randomizing the MAC address?
  8. Hi All, I was looking for some place to get to pen testing classes - I specifically want to get my CEH, but I came across a place called InfoSec Institute (link below) and they have a 10-day pen testing boot camp. They claim they train you up to 5 certs (I only see 4 listed - CEH, CPT, CEPT, and ECSA); that's still a lot regardless. The test vouchers are all included as well. That's a large promise, and I'm only able to find reviews from their own site. We all know that can be faked. Has anyone ever heard of them? Are they any good? I talked to one of the instructors and was told that since I've done some CD key cracking (OllyDbg, IDA, reading machine language, etc.) and built my own Linux from scratch I should be good. I've been taking the time to learn as many of the tools in Kali as I can and even set up a XenServer lab and am following along with a Syngress book on the basics of pen testing. Here's the link to the 10-day pen test boot camp - http://www.infosecinstitute.com/courses/10day_penetration_testing_training.html Also, to the Hak5 crew - I'm in DC and would LOVE to come out to one of your Pen-testing with Hak5 events, but the notification time is too short to get a flight, lodging, and time off work (the last is the main issue since I'm in an understaffed HD) - any chance I could get a heads up on when the next one after September will be? A rough guess is good.
  9. Hello hackers, coders and imagineers, I don't know if the Rubber Ducky is looking for an upgrade anytime soon, but if so I have a few ideas based on a recent project of mine, which uses the Teensy 3.1. Firstly, the one way nature of the device makes it difficult to acquire information from the host system. I see you have solved this by suggesting that a USB drive is used in parallel with the Rubber Ducky. Whilst this is a solution, it would be nice if the device could imitate a hub and provide the functionality of both the Rubber Ducky and a USB drive. Though, this will increase the hardware requirements and cost, so may not be ideal. In my project I simply used the onboard EEPROM to store data, which removes the need for two USB sticks, but severely limits the amount of non-volatile memory available. So, the addition of some non-volatile memory that can be written to and then read from at a later time would be nice to see on the Rubber Ducky. Secondly, although there is non-volatile memory available on the Teensy, this doesn't solve the problem of feedback: How do you get the data mined from the host system back on to the device? This is difficult since the device is pretending to be a keyboard and keyboards generally don't require feedback. In my project I utilised the fact that whilst the Teensy emulated a keyboard it could simultaneously run a serial connection. In this way I could get the Teensy to find the relevant information and then send it to itself via an open serial link. This opens up the use of the available non-volatile memory as mentioned above, but also many other things that weren't possible without feedback. For example, in my project I mess with the "networksetup" command in terminal, which, in most cases requires the user to specify the hardware port in question. As such, the first thing I do is to get a list of all the ports on the host system. 
This is then fed back in to the Teensy, which searches for the hardware port related to the WiFi. Then this information can be used to send commands to turn the WiFi card off, change the AP to which the host system is associated or just gather more information. This could be a huge advantage if implemented on the Rubber Ducky. Lastly, with most keystroke injection attacks commands have to be sent and then there's a delay whilst the host system executes the command. However, these delays can vary wildly making them very difficult to predict. In my project I added a debug mode option, which allows the user to step through chunks of code so that the variable delays can be controlled by the user. Additionally, these types of attacks are unreliable, since a program may not start as expected or a pop up gets in the way. For this reason I also added a reset button, so that if the attack fails it can quickly be reset and start again without having to unplug and replug in the device. These can be very useful in practise, however they both require the addition of a button, which could make the Rubber Ducky look less like a legitimate USB drive. As a side note, another thing I found useful was an LED indicating when the program was complete. It's especially convenient when you are unable to see the screen of the host system. If anyone is interested this is the link to my project called the WiFi Pixie: http://www.instructables.com/id/WiFi-Pixie/ There's code there as well, which is the most interesting part of this project. The Teensy platform is good if anyone wants to get very hands on with this type of pen testing tool. It uses the Arduino IDE and will require some knowledge of C. But if you're more familiar with scripting languages and you want an easy device to plug-and-play with, then the Rubber Ducky is probably a better option. I would also be interested to hear of any other ideas people have for this kind of device... Hack on!
  10. I am interested in security, but am definitely a beginner in the field. My background is wireless networking. I was looking at purchasing a few books on the subject. Violent Python http://www.amazon.com/gp/product/1597499579/ref=ox_sc_act_title_2?ie=UTF8&psc=1&smid=ATVPDKIKX0DER Metasploit - David Kennedy http://www.amazon.com/gp/product/159327288X/ref=gno_cart_title_1?ie=UTF8&psc=1&smid=ATVPDKIKX0DER were recommended to me. Does anyone have any recommendations for a CEH book or any other good ones?