OSCP Prep – Episode 8: Password Cracking

This was a fun chapter to study, learning about password and the methods that can be used to crack them. Although the awareness regarding the need for password strength appears to be increasing, there are still an overwhelming number of cases where weak passwords are used, or even a general lack of password policy in … Continue reading OSCP Prep – Episode 8: Password Cracking

OSCP Prep – Episode 7: Exploits (Part 1)

Finally, after studying a range of theoretical concepts and collecting even more information, I began to exploit my virtual machines. Some of the exploits are complicated whilst some are as simple of abusing default configuration passwords, but all exploits are dangerous in the wrong hands. This section about running the exploits almost exclusively uses vulnerabilities … Continue reading OSCP Prep – Episode 7: Exploits (Part 1)

OSCP Prep – Episode 5: Searching for Vulnerabilities

This post is a direct follow up to the previous one, and is also considered part of the¬†Enumeration phase of penetration testing. After gathering general information, the next step is to start searching for vulnerabilities that might exist on a system. Any potential vulnerabilities are then noted down to provide a starting point for the … Continue reading OSCP Prep – Episode 5: Searching for Vulnerabilities

OSCP Prep – Episode 4: Searching for Information

Backtracking a little bit from the Metasploit framework I covered last week, I decided to spend a significant amount of time on information gathering, otherwise known as¬†Enumeration. There are plenty of methods you can use to find out information, with some pieces of information more valuable than others. Nevertheless, it is important to take due … Continue reading OSCP Prep – Episode 4: Searching for Information

OSCP Prep – Episode 2: The Basics

After setting up my virtual labs, I decided to go back and read Chapter 0 of Gerogia's book titled¬†Penetration Testing Primer. Although I already had a fairly good understanding of the penetration testing basics, I figured extra revision wouldn't hurt. The primer chapter covered the different types of penetration tests, as well as the stages … Continue reading OSCP Prep – Episode 2: The Basics