Posted On:October 2013 - Pentest Geek

standard

PentestGeek Was At Derbycon 3.0 “All in The Family”

2013/10/24 - By 

Ok so I know it isn’t exactly breaking news that DerbyCon 3.0 was awesome. Still I wanted to take a moment to reach out to any of our readers living under a rock and let them know that last September, the PentestGeek.com crew had an opportunity to represent at one of the coolest Information Security events of the year, the DerbyCon!

Read More


standard

Smbexec 2.0 released

2013/10/23 - By 

We released smbexec version 2.0 a few days ago and it comes with some rather large differences from previous versions. For one thing it was completely rewritten in Ruby, for another it now supports multi-threading. While it still maintains all of the functionality of previous versions (remotely dumping hashes from systems or domain controllers, identifying where domain administrators credentials are in use, throwing around obfuscated meterpreters, etc) , I wanted to highlight some of the larger changes and new features in this release.

For those that don’t know what smbexec is or haven’t used it before there was a great derbycon presentation  at the 2013 conference found here by Martin Bos (purehate) and Eric Milam (brav0hax). The quick description is that smbexec is a tool that focuses on using native windows functions/features for post exploitation and expanding access on a network after you gain some credentials, whether that be a hash or password for a local or domain account. It allows a pentester to quickly identify targets of interest and gain access to them across large networks without much need to worry about AV and UAC. You can grab the code at the pentestgeek github repo.
Read More


Follow Pentest Geek

twitterrssyoutubetwitterrssyoutube

Subscribe to Pentest Geek

Recent Posts

Penetration Testing

Categories

Metasploit

Web Application Hacking

css.php