by Lydia Zhang | Sep 29, 2021 | Pen Test Technical Tips
After studying different vendors’ approaches, here is our summary of how to do SMB OS detection right. With either SMBv1 or SMBv2, both “Session Setup Request “and “NTLMSSP_NEGOTIATE requests” shall be sent;Especially for SMB v1, if only “Session Setup AndX Request”...
by Lydia Zhang | Sep 20, 2021 | Pen Test Technical Tips
The Study of Different Approaches from 4 Well-Known Vendors You may wonder “how does a blackbox penetration test tool know about my server information when it only has the server’s IP address?” The secret is a protocol, such as Sever Message Block (SMB),...
by Ridge Security Marketing | Sep 10, 2021 | Pen Test Technical Tips
Whether you conduct penetration testing an automated vulnerability scanning, knowing your target is the very essential first step. This process or technology is called Asset Profiling. In the asset profiling stage, the most important thing is to recognize the...