DEV Community

Cover image for How I pwned hundreds of users for less than $25?
vasant
vasant

Posted on

How I pwned hundreds of users for less than $25?

Introduction

As long as employees do not consider security as their responsibility and use insanely Easy to Guess Passwords, no matter how much time and money organisations invest in training, right tools, and strict policies, security compromises are inevitable.

A while ago, I was engaged in performing an internal Penetration test for a reputed organisation which heavily relied on Windows infrastructure. The infrastructure was spread across different locations with a design called for every location to have its own domain, complete with numerous domain controllers (DCs), DNS servers, WINS servers, DHCP servers and work stations with so many missing patches.

This blog post explains the different stages involved in a penetration testing and gaining access to a infrastructure

Originally Published at: https://www.cloudsecguy.dev

Top comments (0)