Varonis announces strategic partnership with Microsoft to accelerate the secure adoption of Copilot.

Learn more

Varonis Seven Part Guide to Penetration Testing

Our sprawling pen-testing series has taken on a life of its own!  For your convenience and blog reading pleasure, we’ve assembled all the links to this six seven part series below....
Michael Buckbee
1 min read
Published January 10, 2016
Last updated October 14, 2022

Our sprawling pen-testing series has taken on a life of its own!  For your convenience and blog reading pleasure, we’ve assembled all the links to this six seven part series below.

Read consecutively, or since they’re mostly self-contained posts, skip ahead to the topics that appeal to you.

Part 1: Risky Business

Part 2: Rats!

Part 3: Rats & Reverse Shells

Part 4: Making a Lateral Move

Part 5: Hash Dumping & Cracking

Part 6: Passing the Hash

Part 7: Exfiltration and Conclusions

By the way, if you just want a list of good pen testing tools for newbies, check out this post.

What you should do now

Below are three ways we can help you begin your journey to reducing data risk at your company:

  1. Schedule a demo session with us, where we can show you around, answer your questions, and help you see if Varonis is right for you.
  2. Download our free report and learn the risks associated with SaaS data exposure.
  3. Share this blog post with someone you know who'd enjoy reading it. Share it with them via email, LinkedIn, Reddit, or Facebook.

Try Varonis free.

Get a detailed data risk report based on your company’s data.
Deploys in minutes.

Keep reading

Varonis tackles hundreds of use cases, making it the ultimate platform to stop data breaches and ensure compliance.

penetration-testing-explained,-part-vii:-exfiltration-and-conclusions
Penetration Testing Explained, Part VII: Exfiltration and Conclusions
In this series of posts, I covered ideas to get you started using basic testing software to find security vulnerabilities. There are more advanced tools, such as Metasploit, which lets...
penetration-testing-explained,-part-vi:-passing-the-hash
Penetration Testing Explained, Part VI: Passing the Hash
We’re now at a point in this series where we’ve exhausted all our standard tricks to steal credentials — guessing passwords, or brute force attacks on the hash itself.  What’s...
penetration-testing-explained,-part-v:-hash-dumping-and-cracking
Penetration Testing Explained, Part V: Hash Dumping and Cracking
In the previous post in this series, I guessed a local password and then tried various ways to move laterally within my mythical Acme network. But what happens if you can’t...
penetration-testing-explained,-part-iii:-playing-with-rats-and-reverse-shells
Penetration Testing Explained, Part III: Playing with RATs and Reverse Shells
Last week I broke into a Windows 2008 server and inserted a remote access trojan or RAT. Don’t call security, I did this in a contained environment within virtual machines....