OSCP Prep – Episode 5: Searching for Vulnerabilities

This post is a direct follow up to the previous one, and is also considered part of the¬†Enumeration phase of penetration testing. After gathering general information, the next step is to start searching for vulnerabilities that might exist on a system. Any potential vulnerabilities are then noted down to provide a starting point for the … Continue reading OSCP Prep – Episode 5: Searching for Vulnerabilities

OSCP Prep – Episode 4: Searching for Information

Backtracking a little bit from the Metasploit framework I covered last week, I decided to spend a significant amount of time on information gathering, otherwise known as¬†Enumeration. There are plenty of methods you can use to find out information, with some pieces of information more valuable than others. Nevertheless, it is important to take due … Continue reading OSCP Prep – Episode 4: Searching for Information

OSCP Prep – Episode 2: The Basics

After setting up my virtual labs, I decided to go back and read Chapter 0 of Gerogia's book titled¬†Penetration Testing Primer. Although I already had a fairly good understanding of the penetration testing basics, I figured extra revision wouldn't hurt. The primer chapter covered the different types of penetration tests, as well as the stages … Continue reading OSCP Prep – Episode 2: The Basics

OSCP Prep – Episode 1: Virtualization

One of the first steps in getting started with penetration testing is naturally to install virtual machines of various operating systems. Although I was aware of how virtual machines work, I never had any real experience installing and running them before. Expecting this to be a simple and straightforward process, I ran into a fair … Continue reading OSCP Prep – Episode 1: Virtualization