Home page logo

pen-test logo Penetration Testing mailing list archives

Using public LDAP directories for attack preparation
From: "Per Thorsheim" <per () thorsheim net>
Date: Wed, 27 Sep 2006 20:27:57 +0200

I've seen a quite a few publicly available LDAP directories on the Internet
containing names, e-mail addresses and other employee information for a

Besides the obvious possibility of harvesting working e-mail addresses for
spam purposes, has anyone successfully used such externally available
directories for doing targeted social engineering attacks as part of a

Per Thorsheim

This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

  By Date           By Thread  

Current thread:
  • Using public LDAP directories for attack preparation Per Thorsheim (Sep 27)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]