did not match any content.
The intent of this paper is to present a compilation of the easiest and most prevalent network-based techniques an attacker can use to gain access to systems and data, also popularly known as “low-hanging fruit” in the information security community. More often than not, these lead to complete compromise of a Microsoft Windows domain. The focus of this paper is on gaining the first foothold on the network. These methods are based on my personal experience and hence are subjective, and most penetration testers would concur with many, if not all, of them. This paper does not discuss new attacks, but rather presents commonly known methods of finding low-hanging fruit, the ease with which they can be exploited, the impact of this
exploitation, and, finally, remediation suggestions to address them.