DEV Community

Cover image for How I pwned hundreds of users for less than $25?

Posted on

How I pwned hundreds of users for less than $25?


As long as employees do not consider security as their responsibility and use insanely Easy to Guess Passwords, no matter how much time and money organisations invest in training, right tools, and strict policies, security compromises are inevitable.

A while ago, I was engaged in performing an internal Penetration test for a reputed organisation which heavily relied on Windows infrastructure. The infrastructure was spread across different locations with a design called for every location to have its own domain, complete with numerous domain controllers (DCs), DNS servers, WINS servers, DHCP servers and work stations with so many missing patches.

This blog post explains the different stages involved in a penetration testing and gaining access to a infrastructure

Originally Published at:

Top comments (0)