Ask a Pen Tester: Stories From Our Penetration Testing Services Engagements

Recently, we gave our customers the opportunity to ask members of our penetration testing services team any burning questions they have. They did not hold back, and neither did I. I hope you learn something from my shared tactics, experiences, and perspectives. Enjoy!

If we are referring to evidence as exfiltrating sensitive data from a compromised machine to test data loss prevention capabilities, it is highly scenario-dependent. Unless the client specifies otherwise, we place simulated sensitive data on the compromised host, then exfiltrate that. An example of this is when we compromise a server with credit card data. It would be unethical to exfiltrate legitimate consumer credit card information, so instead, we have written scripts that generate fake credit card data on the compromised server so we exfiltrate only the mock data.


To exfiltrate the data, I like using tools that communicate over HTTPS, though we often have to assess our position in the network to determine what legitimate traffic looks like, then attempt to impersonate it. Therefore, I cannot say there is a singular tool or method I often use for exfiltration of data. However, one thing that remains constant across penetration tests is the need to capture screenshots as proof for writing reports. For this, I like to use the screenshot tool Greenshot, since it makes annotations and obfuscations a snap.
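
The mock-data approach described above, as an added Python example (not the author's scripts or tooling): it generates Luhn-valid mock card records and checks that a pattern-plus-Luhn content-inspection rule would flag every one of them. The `411111` prefix, the record layout and all function names are assumptions made for this example.

```python
import random
import re

# Assumption: prefix of the widely used 4111 1111 1111 1111 test number.
TEST_PREFIX = "411111"
# 16 digits, optionally separated by spaces or hyphens.
PAN_RE = re.compile(r"\b(?:\d[ -]?){15}\d\b")

def luhn_check_digit(partial: str) -> int:
    """Digit that makes partial + digit pass the Luhn check."""
    total = 0
    for i, ch in enumerate(reversed(partial)):
        d = int(ch) * 2 if i % 2 == 0 else int(ch)  # digit next to the check digit is doubled
        total += d - 9 if d > 9 else d
    return (10 - total % 10) % 10

def luhn_valid(number: str) -> bool:
    return number.isdigit() and luhn_check_digit(number[:-1]) == int(number[-1])

def mock_records(count: int, seed: int = 0) -> list[str]:
    """Constructed CSV rows: labelled mock ID, mock card number, placeholder name."""
    rng = random.Random(seed)
    rows = []
    for i in range(count):
        body = TEST_PREFIX + "".join(str(rng.randrange(10)) for _ in range(9))
        pan = body + str(luhn_check_digit(body))
        rows.append(f"MOCK-{i:04d},{pan[:4]} {pan[4:8]} {pan[8:12]} {pan[12:]},TEST CARDHOLDER")
    return rows

def dlp_hits(text: str) -> list[str]:
    """Card-like numbers a content-inspection rule should flag (pattern + Luhn)."""
    hits = []
    for match in PAN_RE.finditer(text):
        digits = re.sub(r"[ -]", "", match.group())
        if luhn_valid(digits):
            hits.append(digits)
    return hits

if __name__ == "__main__":
    rows = mock_records(5)
    print("\n".join(rows))
    print("flagged:", len(dlp_hits("\n".join(rows))), "of", len(rows))
```

Comparing the `dlp_hits` count with the number of records the DLP product actually alerted on shows whether the control inspects content or only matches on file names and destinations.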


Do you use any of the Hak5 gear when out in the field?


I most definitely do. My personal favorite is the LAN Turtle (so many applications). I intend to buy a BashBunny at some point, as I have been wanting to try it out. I have used my LAN ..
