Skip to content
Security Task Relief
Protected: nessusd.exe privesc
This content is password protected. To view it please enter your password below: Password:
The Wireless Problem
The right way to Guest-Network FOLLOWED BY WHY. Network Positioning Get off my LAN! Ideally a separate line completely, consider a guest network provider, let...
no, yeah… yeah no…
A quick post about an article on LinkedIn about 'Pentester Syndrome' the link on linkedin is over http so apologies, it wasn't me setting the...
The Crowd, The Source…
This week I saw Synack and HackerOne share some information about moving into other offerings, I wanted to talk about them and explore what it...
Malware Not Needed?
Recently had a *duh* moment while playing with the 'opened folder' canary technique used by http://canarytokens.org/ - a Thinkst* project One of the Canary triggers...
External Authentication Injection - What is it? It's applying folder level authentication to abuse web applications or client browsers, how you introduce it is based...
Prey or Pray
I've started making some designs for fun, T-shirt-able nerdy text puns and shit like that :: here or click the big text below funny for...
A Method of Disclosing .Onions
tl;dr Browsing via Tor is still fine, Hosting onions ... (possibly) less fine. This post is in theory, sound, however executing it would take real...
Kawasaki Analise …
So, I'm out here in Goa India at the moment Mysuru India (now) escaping the cold, I've just wound up a little bit of Appsec work...
Lowkey Enterprise Asset Assurance
The Skinny Many of you will be familiar with the starters and leavers process in organisations, we all have to do it. take the same...
BugBounty != Security Consulting
It's been getting harder and harder to put your finger on the differences between Bug-bounty and Security Consulting/Testing for some, mostly due to the massive...
Cover Your Own Ass(ets)
I've reached a point in my professional life where as much as I love popping & dropping (shell's and domain controllers) it's actually more effective...
TL;DR : Guy who knows everyone has weak passwords, tells them it's their fault they get hacked, yet, it's not their fault he has their...
Active Directory Integrated Network Appliances
That's a Nice Palo-Alto Firewall Forescout Active Directory Integrated Network Appliance you have there ... be a shame if it: Exposed it's PAN Agent hashes to...
Suspendisse potenti. Nullam dictum dapibus leo. Donec vel risus a nisl fringilla facilisis ac vitae felis. In accumsan placerat tortor et fermentum. In feugiat, justo...