by Mike Saunders | Apr 16, 2020 | Blog Posts
This is the third installment in a series of blogs on user enumeration. In Part 1 – Building Name Lists, I talked about ways of building usernames from OSINT and US census data. In this installment, I’m going to discuss putting this info to work in...
by Mike Saunders | Mar 10, 2020 | Blog Posts
It’s not uncommon on external pen tests and red team engagements to find very little attack surface on the customer’s internet-facing networks. Customers have started shifting services to cloud providers, making it harder to find targets. This blog...
by Mike Saunders | Jan 30, 2020 | Blog Posts
A common part of pen tests – both network and web app – is password spraying. In order to do that, you need usernames. But how do you find out what your target’s usernames are? This is the first in a series of posts to discuss user enumeration and...
