Posted in: Network Security

NetBios Penetration Testing Fundamentals

What is NetBios? Name service for name registration and resolution (ports: 137/udp and 137/tcp). Datagram distribution service for connectionless communication (port: 138/udp). Session service for connection-oriented communication (port: 139/tcp). Enumerate What? Enumerating SIDs Enumerating User Accounts Administrator ID Without Authentication With Authentication Microsoft Tools Dsget PsList psloggedon PsLogList PsPasswd PsShutdown NetBIOS Enumerator NetBios Exploits NetBIOS […]

Posted in: Network Security

Network Scanning Methodology: Theory

Network Scanning Methodology on a Penetration testing assessment, understand how to start enumerating a network manually and using nmap. I will not talk about Windows or Linux, just networking stuff. Usually in certifications labs or executing a penetration test on a client we have defined in our scope a sub net with a specified range […]

Posted in: Network Security

The Ultimate Guide to FTP Penetration Testing

Welcome, today I am writing about FTP Penetration Testing to help new students understand how the protocol works and how they can test the security of their lab. FTP Protocol FTP is used by system administrators and developers to transfer files between their machine and a remote server, its main purpose is to transfer files […]

Posted in: Network Security

Free Guide to RDP Penetration Testing port 3389

Welcome, today I am writing about RDP Penetration Testing fundamentals, I will explain how to enumerate Remote Desktop Service and how to use it to escalate privileges. RDP Penetration Testing Introduction Scanning RDP Brute Force RDP Post Exploitation Persistence Credential Dumping RDP Exploits Bluekeep

Posted in: Network Security

The Ultimate Guide to SMB Penetration Testing

Welcome, today I am writing about SMB Penetration Testing fundamentals, first I will explain the protocol basics and then how to attack the service. It is necessary to have basic knowledge of the SMB protocol. You can get a free course here! Samba Protocol Samba is used to share network resources between different Operating Systems […]

Posted in: Network Security

Free The Ultimate Guide to SSH Penetration Testing

Welcome, today I am writing about SSH Penetration Testing fundamentals describing port 22 vulnerabilities. SSH security is one of the topics we all need to understand, remote access services can be an entry point for malicious actors when configured improperly. Understand SSH Protocol Understanding how SSH works are out of scope, here I assume you […]

Posted in: Network Security

How to Install Impacket

Learn how to install Impacket collection on your system and benefit the flexibility they provide. What is Impacket? Impacket is a collection of Python classes for working with network protocols. Impacket is focused on providing low-level programmatic access to the packets and for some protocols (e.g. SMB1-3 and MSRPC) the protocol implementation itself. Packets can […]

Back to Top