Testimonial : Network Vulnerabilities & Exploitation
In the methodology section of our Network assessment, we have included a screenshot of a Singtrade assessment report as well as real-world scenario testing screens. This addition aims to impress our audience and showcase the professionalism and practical nature of our services on our website. By including the Singtrade assessment report screenshot, we offer a glimpse into the depth of analysis and actionable information provided in our reports.
Network Vulnerabilities Identified
Utilizing Metasploit for Remote Code Execution (RCE) on Windows XP
EternalBlue is an exploit most likely developed by the NSA as a former zero-day. It was released in 2017 by the Shadow Brokers, a hacker group known for leaking tools and exploits used by the Equation Group, which has possible ties to the Tailored Access Operations unit of the NSA.
EternalBlue, also known as MS17-010, is a vulnerability in Microsoft’s Server Message Block (SMB) protocol. SMB allows systems to share access to files, printers, and other resources on the network. The vulnerability is allowed to occur because earlier versions of SMB contain a flaw that lets an attacker establish a null session connection via anonymous login. An attacker can then send malformed packets and ultimately execute arbitrary commands on the target.
Utilizing Metasploit for Remote Code Execution (RCE) on Windows 2008
Empire is a post-exploitation framework used for the management of compromised victim hosts. Empire offers a range of command and control modules allowing command execution and data exfiltration capabilities. Empire’s HTTP-based stagers initiate C2 connections to the attacking host via HTTP requests.To explorer click this link https://github.com/jamalhussainshah/Network-Penetration-Testing/tree/main/Empire%20framework
BloodHound is an Active Directory (AD) reconnaissance tool that can reveal hidden relationships and identify attack paths within an AD environment. To explorer click this linkhttps://github.com/jamalhussainshah/Network-Penetration-Testing/tree/main/BloodHound-SharpHound