Home page logo

pen-test logo Penetration Testing mailing list archives

Re: [PEN-TEST] First step of a pen-test
From: "Missy, E" <freehold () EROLS COM>
Date: Fri, 22 Sep 2000 14:46:14 -0400

LOL the comment on scoping out parking lots for passwords as an early
part of pen-test :), what about the prominently labeled CEO ONLY space
with the Boxster parked in it, tie that in with the CEO's name, tag or
some other tidbit about the CEO & voila, password/user name without any
ugly brute forcing. :)

Another gold mine is employee personal home pages, which frequently list
home pages & IDs for co-workers as well as hobbies, kids/pets names,
anniversaries & other important dates, project names/descriptions,
work-related links (including within the corporation), corporate/private
phone numbers, vacations, favorite restaurants, resumes, & even stored
work in progress.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]