Powercat for Pentester

Powercat for Pentester

Introduction Powercat is a simple network utility used to perform low-level network communication operations. The tool is an implementation of the well-known Netcat in Powershell. Traditional anti-viruses are known to allow Powercat to execute. The installed size of the utility is 68 KB. The portability and platform independence of the tool makes it an essential […]

read more

The 5 best free speed test apps to check your internet and Wi-Fi network performance

In the remote work era, reliable Wi-Fi is a must. From testing network performance to locating nearby connectivity, these are five of the best Wi-Fi apps to consider. Both a speedy and stable internet connection and solid Wi-Fi network are crucial for households in the age of remote work and media streaming. Subpar performance could […]

read more

Microsoft bought CloudKnox because hybrid multicloud identity is complicated

Managing passwords and privileged access is bad enough for people—but that’s going to be dwarfed by the problem of dealing with non-human identities. Image: Shutterstock/sitthiphong How many cloud services, APIs, virtual machines and containers is your organization using? Whatever number you just thought of, you should probably double it—or add a zero at the end. […]

read more

Red teaming tutorial: Active directory pentesting approach and tools

There are a number of tools you should use when it comes to active directory (AD). Inveigh and responder as a start point Many new and legacy networks still use some protocols that adversaries can spoof and use to collect and relay authentication requests.  NBT-NS, LLMNR, and mDNS protocols broadcast a request to the internal […]

read more

Top 5 tips for dealing with supply-chain disruptions

Weather events and port issues have caused major disruptions in the global supply chain. Tom Merritt gives us five ways to deal with it. Global supply chains are in shock. Port shutdowns, volatile and unpredictable buying patterns, unfortunate weather events, fires and more have thrown the system well out of whack. It won’t last forever, […]

read more

Top 10 IT security actions to protect Internet connected networks and information (ITSM.10.089)

  Foreword ITSM.10.089 Top 10 IT Security Actions to Protect Internet-Connected Networks and Information is an unclassified publication issued under the authority of the Head of the Canadian Centre for Cyber Security. This document supersedes ITSM.10.189 Top 10 IT Security Actions to Protect Internet-Connected Networks and Information and ITSB-89 v3 Top 10 IT Security Actions […]

read more

Red Team tutorial: A walkthrough on memory injection techniques

There are many techniques within the memory injection field. Some are often found in malware or used by security experts to run their material, like during a pentesting exercise. Classic DLL injection DLL injection is a classic method of putting code into another process in memory. The first stage — the loader — adds the […]

read more

MSSQL for Pentester: Extracting Juicy Information

In this post, you will learn how will can extract sensitive sample information stored in the mssql by using powerupsql and mssql. In our previous article, we have mention tools and techniques that can be used to enumerate MSSQL Instances. Table of Contents Lab setup PowerupSQL Extracting Database Name Extracting Database Information Extracting Database Login […]

read more

Command Execution with Extended Stored Procedures

Extended stored procedures are DLL files that are referenced by the SQL Server by having the extended stored procedure created which then reference functions or procedures within the DLL. The DLLs which are behind the extended stored procedures are typically created in a lower-level language like C or C++. Extended stored procedures run within the […]

read more