About Carroll

This author has not yet filled in any details.
So far Carroll has created 15 blog entries.

nessusd.exe LPE > SYSTEM

2020-03-04T15:48:38+00:00July 17 2019|

As a pen tester I've always had an account on a Nessus Pro, obviously that changes with the new model, but as a contractor I have [...]

The Wireless Problem

2019-07-03T20:51:46+00:00July 3 2019|

The right way to Guest-Network FOLLOWED BY WHY. Network Positioning Get off my LAN! Ideally a separate line completely, consider a guest network provider, let them [...]

no, yeah… yeah no…

2019-06-14T11:41:41+00:00June 10 2019|

A quick post about an article on LinkedIn about 'Pentester Syndrome'  the link on linkedin is over http so apologies, it wasn't me setting the tone [...]

The Crowd, The Source… 

2019-05-22T23:37:32+00:00May 19 2019|

This week I saw Synack and HackerOne share some information about moving into other offerings, I wanted to talk about them and explore what it means [...]

Malware Not Needed?

2018-12-23T01:14:21+00:00December 17 2018|

Recently had a *duh* moment while playing with the 'opened folder' canary technique used by - a Thinkst* project One of the Canary triggers works [...]


2019-01-03T06:32:39+00:00December 17 2018|

External Authentication Injection - What is it? It's applying folder level authentication to abuse web applications or client browsers, how you introduce it is based on [...]

Prey or Pray

2018-12-09T10:11:37+00:00December 9 2018|

I've started making some designs for fun, T-shirt-able nerdy text puns and shit like that :: here or click the big text below funny for anyone [...]

A Method of Disclosing .Onions

2018-12-03T03:47:55+00:00December 3 2018|

tl;dr Browsing via Tor is still fine, Hosting onions ... (possibly) less fine. This post is in theory, sound, however executing it would take real collaboration [...]

Kawasaki Analise …

2018-12-12T05:48:47+00:00December 3 2018|

So, I'm out here in Goa India at the moment Mysuru India (now) escaping the cold, I've just wound up a little bit of Appsec work for [...]

BugBounty != Security Consulting

2018-11-28T02:32:11+00:00November 28 2018|

It's been getting harder and harder to put your finger on the differences between Bug-bounty and Security Consulting/Testing for some, mostly due to the massive social [...]

Load More Posts