Pentests
When conducting a pentest we analyze the security of your application with special focus on:
- Reachable Systems, Open Ports, Versions, Vulnerabilities
- Network Services, File and Business Interfaces, Vulnerable Technologies
- Cloud Assets
- Phishing, Client-side Attacks, Security Awareness
- Passwords, User and Service Privileges
- Active Directory
- Publicly available information (OSINT)
I am OSCP, OSCE and OSEE certified.
Pentesting: Scopes & Skills
OSINT
Domains, Subdomains, Certificates, Archives, Cloud Resources, Software, People, Business Partners.
Reconnaissance
Target Scanning, Port Scanning, Vulnerability Scanning, Remote Enumeration.
Weaponization
Bind Shells, Reverse Shells.
Network Services
DNS, FTP, HTTP(S), IMAP, IPMI, LDAP, MSSQL, MySQL, NFS, Oracle, POP3, PostgreSQL, RDP, RMI, RPC, Rsync, Samba, SMB, SMTP, SNMP, SSH, Telnet, TFTP, VNC, WebDAV, WinRM, WMI.
Payloads Generation
Non-staged Shells, Staged Shells, Listeners.
Delivery
File Transfer, LOLbins, HTTP Server, SMB.
Phishing
GoPhish, BeEF, E-Mail Delivery, Metrics, Reporting, Security Awareness.
Exploitation
Metasploit, Empire.
Installation
Backdoor User, SSH, RDP, Telnet, PowerSploit, LOLBAS, GTFOBins.
Command and Control
Remote Code Execution, Pass-the-Hash, C2 Infrastructure, C2 Frameworks.
Actions on Objective
Enumeration, Privilege Escalation, Password Cracking, Lateral Movement, Post Exploitation, Data Exfiltration, Tunneling, Pivoting.
Web Applications
Proxies, Vulnerability Scanning, Fingerprinting, Fuzzing, Web Shells, Client-side Attacks, Common Vulnerabilities.
Web Hacking
Command Injection, Directory Traversal, Open Redirect, Insecure Direct Object References, File Inclusion, SQL Injection, Cross-Site Scripting, Cross-Site Request Forgery, Bruteforcing Logins, Session Hijacking, File Uploads, XML External Entity, HTTP Verb Tampering, Broken Authentication, CAPTCHA Bypass, Broken Access Controls, Broken Session Management, Server-Side Request Forgery, Server Side Includes, Edge Side Includes, Server Side Template Injection, Cryptography, Insecure Deserialization, Security Misconfiguration, Vulnerable Components, Sensitive Data Exposure.
API Hacking
RESTful Services, SOAP, Common Vulnerabilities.
Windows and Linux Exploitation
Fuzzing, Debugging, Stack-based Buffer Overflows, SEH-based Buffer Overflows, Heap Overflows, Bypassing DEP / ASLR / SafeSEH, ROP Chains, Shellcodes, Restricted Shellcodes, Egghunter, Arbitrary Overwrites, Use After Free, Memory Address Leakage, Reverse Engineering.
Exploit Development
Security is my profession! For years I have been researching in the field of exploit techniques. I have specialized in Windows Exploit Development and in exploiting vulnerabilities in network services and Linux systems:
- Network Scanning
- Port Scanning
- AV Evasion
- Network Protocols and Services
- Vulnerability Scanning
- Payload Injection
- File Transfers
- Exploit Techniques
- Password Cracking
- Client-Side Attacks
- Web Application Attacks
- Privilege Escalation
- Post Exploitation
- Port Redirection, Port Tunneling, and Port Forwarding
Please take note of my books "Deep Dive" and "Ethical Hacking".