How Would You Proceed with a Pentest?

Below is a general methodology on how one would begin a pentest.  Do more research on your own to get the technical and legal details that are required: Get permission to attack the target in writing.  If you don’t receive permission, do NOT proceed. Use a search engine to see what comes up for your […]

Read More

InfoSec Questions Asked on Recent Phone Interview

1. What would it mean if I saw a lot of activity on port 53? First of all you need to find what is the source of traffic. Try something like: netstat -a -n -p|grep :53 or this: lsof -p PID 2. What is the diff between http and html? One is a protocol and […]

Read More

What is sqlmap?

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. sqlmap – automatic SQL injection tool root@kali:~# sqlmap -h Usage: python sqlmap [options] Options: -h, –help            Show basic help message and exit -hh     […]

Read More