Here’s a few of the interesting and useful articles and tools that I’ve come across last week.
Articles and news:
This is a guide for anyone who has an interested in penetration testing but no experience with it.
Where a system locks a user out after several unsuccessful login attempts, this guide outlines some ways that you may be able to defeat this
Exploiting Active Directory misconfigurations to get domain admin
A Russian-speaking grey-hat hacker is breaking into people’s MikroTik routers and patching devices so they can’t be abused by cryptojackers, botnet herders, or other cyber-criminals
Bringing together multiple OSINT data points
Tools and tech:
Scout2 is a security tool that lets AWS administrators assess their environment’s security posture.
A great tool for building a bespoke password list based on user data you provide.
An alternative dataset for Nmap fingerprint script http-default-accounts
A tool to pop a PowerShell credentials box that will ask the user to submit their details, before passing them to an external web server
A high performance DNS lookup tool