Hello, when interactive logon for service account is prohibited, what are other ways you could execute command using its credentials? Thanks! submitted by /u/SmokeyShark_777 [visit reddit] [comments ..read more

Hello, I was recently asked by my employer to conduct a physical pentest on several locations in the near future. I am not a pentester and have no experience with this sort of work, but have always found it interesting. ​ The company has never done anything like this before, so there is no formal documentation for the process. Along with the pentest, I am to help formalize the documentation process and make it accessible for future tests. ​ After looking around at previous posts, the majority of the advice given is to stay within scope, however since the company has never done this, there is ..read more

What are your favourite script you use working as a penetration tester that save you a lot of time? Do you have any scripts you have written to save you time during the testing or even during the reporting phase? Fuck submitted by /u/HazardNet [visit reddit] [comments ..read more

Ive been working in fucking cybersecurity for 6 years but dont have much penetration testing experience. Has anyone heard of the PenTest cert from TCM Security?? Is is worth it? Is it actually "practical". My work is considering paying to have me trained me up in penetration testing. I want to ensure I get credible training that benefits me in making this a career. For those career pen testers, any advice for someone trying to get into this? Would you have done anything differently? Fuck submitted by /u/Agitated-End4392 [visit reddit] [comments ..read more

An apple airtag has been sitting on a ledge right where everyone’s mail goes in the front entrance of a 4 unit apt. It triggered my phone. Is this person trying to spy on who’s coming and going? Seriously, fuck whoever put it there. Or am I just paranoid? submitted by /u/FelonyDrifter [visit reddit] [comments ..read more

Well fuck me.... I've been teaching myself pentesting for a bit more of than 7 months. My approach has been to diligently work through most of Georgia Weidman's book Pentesting until I transitioned to Hands-On Hacking (Matthew Hickey). The latter was a very helpful introduction, but I got the feeling it was a bit too dated; Hickey's book has been great and seems new enough for the basics. Conceptually I feel pretty comfortable with it, only difficulty is keeping all the detail of it in my head. Now I'm looking for something else to work through, and I'm struggling figure out what. I've been l ..read more

If you are testing a domain joined computer with local credentials and the DC is not in scope... is "Active Directory" off limits? dsquery(stale accounts, Domain Admins, location of break glass account, computer inventory), domain credentials found in cleartext, kerb tickets? If you find domain creds in plaintext, which is more important.. a screenshot of the file where you found them or of you using them(runas, rdp)? Do you write out steps to reproduce the attack to include tool names/arguments so that the system owner can reproduce. Or is the effect good enough since tools change and TTP's ..read more

Hey everyone. I am conducting pentest on an application where db is elasticsearch. I know they don't have input validation as I was able to put the null value in the DB (via REST api) causing the application to show errors. I want to know if there are queries that can be provided instead of null which may allow retreiving data from it (Elastic Injection). Suggest some blogs if you know any. Fuck submitted by /u/cyberchoudhary [visit reddit] [comments ..read more

Let me know if it’s fucking shite or could come in handy. submitted by /u/Leading-Employer-828 [visit reddit] [comments ..read more

I’m thinking things like metal detectors, RF scanners, IR, things you have to get past before you get to the tech. What methods have you found useful for overcoming physical security, and what’s still perplexing you? submitted by /u/Gloomy-Substance6309 [visit reddit] [comments ..read more