SECFORCE will present Tunna framework and a number of techniques penetration testers can benefit from to bypass network firewalls.
The presentation will include common scenarios in which HTTP tunnels can be use to bridge the gap between web application testing and infrastructure testing.
Please find information about the conference here.
In this post we are going to explain how we used "iptables" to bypass an Intrusion Prevention System during a recent penetration test.
See more
Recently our team ran into an interesting SFTP misconfiguration which allows for a reliable RCE on affected systems. The original discovery by Jann Horn can be found here http://seclists.org/fulldisclosure/2014/Oct/35. Although the affected OpenSSH version is a bit dated, it can still be found...
See moreThank you!
Please try again later.
