Category Archives: Penetration Testing

Penetration testing information, tools, tutorials, contracts and howto

Penetration Testing Reconassaince Command Line Tricks Dig, Mass Domain Resolution, Ping Sweeping

Here are some simple command line tricks to help while doing recon on your target network/host A simple way to automatically resolve domain names, can be used with a for loop to resolve a massive list of domain names, you can also add a cronjob and create an .out file if you want to track… Read More »

Share Button

How to use WPScan WordPress Scan Kali Linux Vulnerability Scan + Snort Rule Example

Running a wordpress site means that you have to always be on the ball when it comes to updating your plugins, themes and wordpress itself. It is a good idea to scan yourself on a regular basis using simple Kali built in tools such as wpscan and sqlmap. You don’t have to be too intrusive… Read More »

Share Button

Penetration Testing USB KeyGhost Keylogger UNDETECTABLE Hardware – Alternative to KeyGrabber

is this legal? You have to make it legal, using the Penetration Testing contracts provided just need to add a clause that allows you to use social engineering tactics that include keylogging devices, USB sticks and other peripheral devices as part of the test. Almost always I am permitted to do so because it proves… Read More »

Share Button

The Ultimate Penetration Testing Pen Test Tool The KeyGrabber Wi-Fi Premium is a USB wireless keylogger

You want to always have a successful pen test? I have used this little trick with 100% efficiency. It is very sneaky, basically it is a usb stick that has a female and male end on it, you stick the USB keyboard plug into the back of the device and plug the device back into… Read More »

Share Button

Another Penetration Testing Pen Test Agreement MOA MOU Contract Document

Penetration Testing Agreement – Download a formatted PDF at the bottom This document serves to acknowledge an engagement between the Business Owner and Data Custodian (see descriptions page 2), collectively of the following system(s) or application, the University Chief Information Officer, and the University IT Security Officer. Systems(s) to be tested: _______________________________________________________________ Testing Time Frame:… Read More »

Share Button