April 2011

Finding Interesting Web Servers on a Penetration Test

Large internal infrastructure tests with few constraints on testing can be fun. It's rare to conduct a test that doesn't lead to Domain Admin one way or another, but that's only half the battle. A good tester should always strive to cover as much of the infrastructure as possible within the given window, leaving no stone unturned. It's not uncommon to have hundreds, or in some cases thousands, of hosts, with the majority hosting some form of vulnerability. So where do you start?