2012

View all on this date written articles further down below.
24 Dec 2012

[Metasploit Pro] Client-Side Campaigns

Playing around with Metasploit Pro after the latest update, I noticed there has been a complete makeover in how Campaigns are set up. Campaigns are used in / for the Client-side testing (read: social engineering, phishing emails, phishing forms, web server serving exploits, file format exploits, etc.).

So I thought of sharing the new configuration steps with you ninjas. Let's begin.

Read more

09 Aug 2012

Passed GIAC GXPN Exam

Hey guys, I challenged and passed certification exam for SANS 660 - GIAC Exploit Developer and Advanced Penetration Tester (GXPN) recently.

As with most of my previous GIAC exams, I did a self-study for GXPN as well. SANS / GIAC categorizes this exam / course as 'Advanced' so keep that in mind when preparing.

Exam objective break up list is available on GIAC GXPN site and must be the first place to prioritize study plan. As I see it, there are 2 sections to plan for.

Read more

29 Jan 2012

[Quick Notes] Various network scan types

A pentester performs several types of network scans during a test. These are usually sequential in nature, that is, we proceed with each scan, collect information and the move on to the next scan. With each scan, we gather specific information about our target environment.

Read more