-
Using Wireshark to Troubleshoot Exploits
Wireshark has many use cases that are not only limited to networking. One example is using it to troubleshoot exploits, which makes it a useful addition to a pentester's toolset. This post will demonstrate how to use Wireshark to troubleshoot a phpMyAdmin remote code execution exploit (CVE-2018-12613). Burp Suite can...
-
Troubleshooting Firewall Issues Using Wireshark
In a previous post, the basics of Wireshark were covered, which focused on how to analyze network traffic. Another use case of Wireshark that I have found useful is to troubleshoot firewall issues affecting a client and server in a local or remote environment. For example, when attempting to access...
-
Using Wireshark to Analyze Network Traffic
Wireshark is a network analyzer that is used to analyze incoming and outgoing packets between source and destination hosts. This helps with getting a better understanding of the types of network traffic that appear on a specific network. This makes it a useful tool for both networking and security as...
-
An Insight into the Certified Red Team Operator 2021 Course
Introduction I passed the Red Team Operator (RTO) exam after going through the updated RTO course and labs. The RTO course covers red team principles such as adversary simulation, command and control and OPSEC considerations, while also focusing on internal penetration testing such as Active Directory attacks. This post will...
-
A Summary of the Log4j RCE Vulnerability (CVE-2021-44228)
A zero-day remote code execution vulnerability (CVE-2021-44228), named ‘Log4Shell’, was found that affects Log4j 2 versions 2.14.1 and below. Log4j is a logging library that is used in many Java applications. The vulnerability has been rated critical with a CVSS score of 10. The severity of this vulnerability is evident...