Overview of all pages with the tags #pentest

Docker for Pentesters

Posted on July 18, 2019 | ropnop

Docker has become such an integral part of my worfklow recently. These examples should demonstrate how Docker can help you be a more efficient pentester [Read More]

docker pentest impacket linux smb windows

Attacking Default Installs of Helm on Kubernetes

Posted on January 28, 2019 | ropnop

Default installations of Helm on Kubernetes can make it trivial for attackers to escalate to cluster admin. In this post I'll demonstrate how. [Read More]

pentest kubernetes helm tiller gke

Serverless Toolkit for Pentesters

Posted on November 11, 2018 | ropnop

Serverless functions have so much potential - here's a few useful examples I use when pentesting or doing bug bounties. Who needs testing infrastructure? [Read More]

docker pentest serverless

Extracting SSH Private Keys From Windows 10 ssh-agent

Posted on May 20, 2018 | ropnop

The newest Windows 10 update includes OpenSSH utilities, including ssh-agent. Here's how to extract unencrypted saved private keys from the registry [Read More]

windows ssh powershell openssh rsa pentest

SANS Holiday Hack 2017 Writeup

Posted on January 18, 2018 | ropnop

The SANS team hit another homerun with the HHC including awesome challenges that mimicked real-world pentest activities. Here's my solutions! [Read More]

sans writeup pentest holidayhack

SANS Holiday Hack Write-ups

Using Credentials to Own Windows Boxes - Part 3 (WMI and WinRM)

Posted on April 27, 2016 | ropnop

WMI and WinRM are two Windows administrative "features" that are ripe for abuse if you have credentials. In this post, I'll show how to (mis)use them... [Read More]

windows shell pentest wmi winrm powershell

Using Credentials to Own Windows Boxes

Plundering Docker Images

Posted on April 15, 2016 | ropnop

On a recent pentest, we recovered credentials to a private Docker registry. Looting the contained images yielded us source code and admin ssh keys. [Read More]

docker pentest