June 12th, 2011 
Mourad Ben Lakhoua Getting the information about website configuration and version is important during penetesting any web application, for this purposes you can consider WhatWeb. WhatWeb recognizes web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. It has over 900 plugins, each to recognize something different.it also helps to [...]
June 4th, 2011 Mourad Ben Lakhoua New version of John The Ripper has been released, John the Ripper is a free password cracking software tool. Initially developed for the UNIX operating system, it currently runs on fifteen different platforms (11 architecture-specific flavors of Unix, DOS, Win32, BeOS, and OpenVMS). It is one of the most popular password testing/breaking programs as it [...]
Posted in Pentesting, Tools 
Tags: Password Hacking, Password recovery, Pentesting, Tools 
59 Comments » April 24th, 2011 Mourad Ben Lakhoua Social engineering has enjoying an increasingly effective and prominent role in effective online attacks. The term itself is a big one, encompassing targeted surveillance and information-gathering techniques that early hacking stars such as Kevin Mitnick mastered (and went on to write about), down to the ubiquitous phishing and spam email message. “The Social Engineering Toolkit [...]
Posted in Pentesting, Tools Tags: Metasploit, SET, social engineering, Social Engineering Toolkit 37 Comments » March 25th, 2011 Mourad Ben Lakhoua New standard for penetration testing has been created with a wide set of rules to improve ethical hacking work and penetration testing mission. Penetration Testing Execution Standard – PTES is the name of this standard that will help to have a clear path for pentester to check different vulnerabilities and provide customers a high quality [...]
Posted in Best Practices, Pentesting Tags: Ethical Hacking, Penetration Tester, Pentesting, PTES, Standards 18 Comments » December 26th, 2010 Mourad Ben Lakhoua Social engineering has enjoying an increasingly effective and prominent role in effective online attacks. The term itself is a big one, encompassing targeted surveillance and information-gathering techniques that early hacking stars such as Kevin Mitnick mastered (and went on to write about), down to the ubiquitous phishing and spam email message. “The Social Engineering Toolkit [...]
Posted in Pentesting, Tools Tags: Metasploit, SET, social engineering, Social Engineering Toolkit 11 Comments » December 14th, 2010 Mourad Ben Lakhoua We already shared the PowerShell security policies and protection measures that are used by Microsoft, as a reminder there are 4 levels of execution policies that can help in securing different script execution. Now that post has been mostly focused on system security administrator benefit but what about hackers, do they have benefits for PowerShell [...]
Posted in Operating System, Pentesting, Vulnerabilities & attacks Tags: DefCon, DefCon18, Metasploit, Pentesting, PowerShell 11 Comments » August 20th, 2010 Mourad Ben Lakhoua Tools for the first part may not be completed without SpoonWEP/SpoonWPA which firstly introduced in BackTrack3, this is also a part of aircrack-ng with a graphical interface allows pentester to take the same channel of the Access point and crack the security keys of the AP. Another very interesting tool is Karmetasploit which allows you [...]
Posted in Pentesting, Tools Tags: BackTrack, cracking 802.11 WEP, Security, Wireless Security, WLAN 11 Comments »
