Hunting and Hacking MSSQL Servers - Published Article on PenTestMag.com

Me and my colleague wrote an article about how to pentest MSSQL end to end. As pentesters, we are always constantly researching on how to make our lives easier when performing ethical hacking engagements structurally and ensure that all possible methods are used based on methodologies such as OSSTMM.

We spent about a week browsing through the web and compile what could be done to properly assess a MSSQL server/services and sat down and test it on our testing servers (knowing that most customers do not allow us to exploit the systems).

So once we wrote the article, we send it to PenTestMag.com for review and cross our fingers hoping it will be reviewed and accepted. Fair enough, upon review, we had to elaborate, add, edit and explain the methods used so it will be easy for readers to understand and technically possible to follow on a step by step basis.

Hence, after all our hard work, it was finally accepted and a month later, it got published! So ladies and gentlemen, i present you some snapshots of the article! :)

The cover of the magazine

My Colleague and myself on the cover!

The content page

The first page of the article

The end of the article and our brief bio.

The article can be downloaded at:

 http://pentestmag.com/renaissance-of-the-reconnaissance-pentest-regular-072013/

Published Article in Pentestmag.com - Pentesting: The Open Source and Manual Way

Second security article related to penetration testing/hacking published in Pentestmag.com. Due to author-magazine agreement, i could not upload the whole content of my published article. Only subscribed users can download the whole magazine.

Links to the magazine: 

http://pentestmag.com/special-starterkit-pack/

http://pentestmag.com/become-well-known-pentester-today-pentest-starterkit-032013/

The focus of this article is to demonstrate on how to perform a pentest using open source and manual methods rather than using automated tools such as Qualys or Nessus. It also elaborates on the reason why performing the manual way provides a better and deeper understanding of the system and vulnerabilities associated with the services/applications found during the recon and scanning phase.

The Cover Page

The Table of Contents

The First Page of my Article

The Final Page of my Article

BT's Advertisement

Social Engineering - Pentesting the Human Element

Alas, wrote an article to Pentestmag and got accepted and published! 

The cover page of the PentTest magazine

The list of authors of the individual articles

The first page preview of the article.

Download and read the full article here

http://pentestmag.com/basics-of-pentesting-pentest-starterkit-0213-teaser/