Month: <span>October 2017</span>

Detecting CrackMapExec (CME) with Bro, Sysmon, and Powershell logs

October 19, 2017
DefenseIncident Response
0 Comment

CrackMapExec is a popular tool that is used by attackers to move laterally throughout an environment. I use it personally on my penetration tests, as I’ve found that it does a really good job at moving from system to system without detection.  My goal with this blog post is to give defenders some techniques on…

Read More

VulnHub Walkthrough: RickdiculouslyEasy 1

October 16, 2017
Walkthrough
0 Comment

A new Boot2Root came online on VulnHub and it looked like fun.  This one is themed around a cartoon show called “Rick and Morty”. First order of business for me is to run an Nmap scan. I like to do a full TCP port scan with service enumeration. root@kali:~# nmap 10.0.1.9 -Pn -p- -sV Starting…

Read More

How to Burp Good

October 6, 2017
Pentesting
0 Comment

Burp Suite is one of my favorite tools for web application testing. The feature set is rich, and anything that it does not do by default can usually be added with an extension.  There are a few things however, that while they exist in Burp Suite, they are not completely intuitive.  Here are a few…

Read More