Skip to main content

Posts

Showing posts from 2012

Welcome to Mark Baggett - In Depth Defense

I am the course Author of SANS SEC573 Automating Information Security with Python. Check back frequently for updated tools and articles related to course material.




Stuff I worked on in 2011 & 2012

I suppose I should update this site more often... So much to hack; so little time.   Here is some of the public stuff I have been working on in 2011, 2012. Grabbing Usernames, Passwords, Cookies and more from HTTPS websites http://pauldotcom.com/2012/07/post-exploitation-recon-with-e.html http://pauldotcom.com/2012/09/data-mining-event-tracing-for.html Privilege Escalation through VMWare snapshots http://pen-testing.sans.org/blog/2012/08/03/pen-test-privilege-escalation-through-suspended-virtual-machines Using Windows Resource Monitor to find hackers http://isc.sans.edu/diary/13735 A great SCAPY shortcut for TCP Fussing https://isc.sans.edu/diary.html?storyid=14080 Python Shells: One liners: http://pauldotcom.com/2011/10/python-one-line-shell-code.html Put Meterpreter in Python for 100% evasion: http://pen-testing.sans.org/blog/2011/10/13/tips-for-evading-anti-virus-during-pen-testing Cool new SQL Injection Tool - It is different! http://pen-testing.sans.org/blog/