The Best Way to Capture Traffic in 2021
How can we do analysis without Wireshark? For Linux and macOS that utility has been tcpdump for quite a while; In Windows, we can use netsh.
Computers are People Too
There are those rare times during pen tests, when you are on a client’s network and you don’t have any valid domain credentials but you do have local...
Android App Testing on Chromebooks
Update: As of March 2021, I’d recommend using Android Virtual Devices over Chromebooks. Chromebooks still work (in many cases) but the AVDs are much...
Watching yOUr Permissions
Often, one of the main goals of a pen tester is to get Domain Admin (DA) rights in a client’s Windows network. But why do we want to get that level...
Ever Run a Relay? Why SMB Relays Should Be On Your Mind
Time is never on your side when you’re onsite with a client and trying to get the first good foothold, with admin privileges, can seem impossible....