Ten years later… Memories from Pentesting Past
ATT&CK techniques detected
T1595.002Vulnerability Scanning
58%
"eek. ” you see, the lesson is that sometimes the greatest exploits and success come from weird places. this is the genesis. this is where it all transitioned for me on network assessments. i cannot remember all the times i exploited ms03 _ 026. it was a lot. but this stuck. this …"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1110.001Password Guessing
46%
"system, running full linux and just waiting for a password. we did not know the password. so, we brute - forced the root password for a few days to no avail. this is when i learned that you can easily overload ssh with too many password attempts. we scaled it back to one guess at…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1046Network Service Discovery
42%
"eek. ” you see, the lesson is that sometimes the greatest exploits and success come from weird places. this is the genesis. this is where it all transitioned for me on network assessments. i cannot remember all the times i exploited ms03 _ 026. it was a lot. but this stuck. this …"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
John Strand // So, I have passed the timeframe where I have been actively penetration testing for over a decade…. I have a large number of pretty strongly held beliefs […]
The post Ten years later… Memories from Pentesting Past appeared first on Black Hills Information Security, Inc..