As a penetration tester, it is essential to have a strong understanding of Windows privilege escalation. The process of escalating privileges allows a user or attacker to gain additional permissions on a system, enabling them to perform actions they would not typically have the authority to perform. In this guide, we will explore the various...
As a cybersecurity professional, I’ve come across various attacks that threaten network security. LLMNR poisoning is one such threat, which poses great danger if left unaddressed. In this blog, I will outline exactly what LLMNR poisoning is and its dangers as well as ways it can be avoided and combatted. What is LLMNR poisoning? LLMNR...
What is UAC? UAC (User Account Control) is a windows security feature that forces any new process to run in non-elevated mode by default. Any process executed by any user including administrators themselves has to follow the rules of the UAC I.e., ‘Do not trust any user running the process’. If actions has to be...
There are situations where On-site penetration testing is not always feasible. It’s better to go for a remote “pentest dropbox” in such cases. The pentest dropbox, in this context, is a Raspberry Pi 4 which is shipped to a remote customer/client. The client will either connect the dropbox to an ethernet port or set the...
Introduction to VLAN Virtual LAN is a logical method of grouping Layer-2 switchports on a local switch into different broadcast domains. VLANs can help to segment a physical network switch to multiple virtual networks. VLANs can be set up by configuring network switches with a specific VLAN name and number. Valid VLAN numbers can range...
