pentest

Attack Simulation: Malicious Office Document (Metasploit)

This module generates a macro-enabled Microsoft Office Word document (docm). It does not target a specific CVE or vulnerability, instead it’s more of a feature-abuse in Office, and yet it’s still a popular type of social-engineering attack such as in ransomware. By default, the module uses a built-in Office document (docx) as the template. It … Read moreAttack Simulation: Malicious Office Document (Metasploit)

Attack Simulation: EternalBlue MS17-010 (Metasploit)

The vulnerability works by exploiting the Microsoft Server Message Block 1.0. The SMB is a network file sharing protocol and “allows applications on a computer to read and write to files and to request services” that are on the same network. This demonstration will show you how to remotely take control of a system by … Read moreAttack Simulation: EternalBlue MS17-010 (Metasploit)