Posts

Showing posts with the label Tutorials

Pentest Documentation

Image
Snooze Words: Documentation      In our quest to automate the dumb stuff, we tend to always leave it a huge pain in the butt to do documentation. Mostly cause some parts of documentation have to be customized and adjusted and trying to automate that we sometimes overengineer it. Without that, we get used to loading up MS Word or similar products and setting up the documents we need. Then along with services like docusign to get signatures for things like our Pentest MSA and Scoping documents, we can also automate the generation of reports. There's several tools out there for this, and I've experimented with making a few myself. For this example though I'm going to go through using obsidian as a grounds for our documentation and jupyter-lab as our pentesting platform.      To start with, I'm definitely gonna want to have a way to make a formalized document. Doc? PDF? Well I'm originally I went the doc route by using the python docx library. It worked, but wa...
Post a Comment
Read more

Networking Basics - Pentesting Training part 1

Image
Primer:      I want to make a tutorial that I could show my kid to help them understand hacking, methodology, basics, etc... so this is an introduction post, more will follow, and maybe I can add a video series to go along with this.     The first thing to talk about, is what and why. Technology, while ever changing, can will always fall victim to several problems.  First is the idea that use case when created, won't match use case performed. Such as, when creating a remote for a TV, it may use infrared to point to the TV, and that works fine when one TV is in the same room at a time. When more then this is added, conflicts are caused and the light used for remote is picked up by the infrared sensor on multiple TVs. Change channels on one, both go. Second is that nothing created by man, is or is capable of creating, flawlessness. Business profits drive innovation, but not perfectionism (or the attempt to become close to perfect).     With these is...
Post a Comment
Read more

Recon tools: amass

What is amass? I'm a big fanboy of many of the owasp tools, like zaproxy, but in this case lets talk a little bit about amass.  Like many other tools, it's good for searching for subdomains and subdomain bruteforcing, but it does so much more than that. In this example, simply asking amass to enumerate the domain feemcotech.solutions (amass enum -d feemcotech.solutions) we get more than just subdomains, we get various records and information available about the resolutions and ips related as well. feemcotech.solutions (FQDN) --> mx_record --> mx00.ionos.com (FQDN) feemcotech.solutions (FQDN) --> mx_record --> mx01.ionos.com (FQDN) blog.feemcotech.solutions (FQDN) --> a_record --> 74.208.236.20 (IPAddress) blog.feemcotech.solutions (FQDN) --> aaaa_record --> 2607:f1c0:100f:f000::200 (IPAddress) 74.208.0.0/16 (Netblock) --> contains --> 74.208.236.20 (IPAddress) 8560 (ASN) --> managed_by --> ONEANDONE-AS Braue...
Post a Comment
Read more