Posts

Simple PHP webshell with php filter chains 04-16

Beautiful Basics: Lesson 4 06-22

Beautiful Basics: Lesson 3 05-28

Blocking ISO mounting 05-27

LDAPSearch Reference 05-14

Beautiful Basics: Lesson 2 05-08

Beautiful Basics: Lesson 1 05-07

Beautiful Basics - Series 05-02

User Empowerment: Password Security 04-27

SolarFlare Release: Password Dumper for SolarWinds Orion 12-15

2020 OSCP Contest 11-26

Family Mission Statement 09-30

Run as SYSTEM using Evil-WinRM 09-13

The Four Phases of Offensive Security Teams 07-05

Let Me Out of Your Net - Egress Testing 07-04

2020 Pandemic SIP Hiring List 03-27

Run All Rules for Hashcat 02-20

Compiling a DLL using MingGW 02-09

Get Process List with Command Line Arguments 01-17

2020 ShmooCon Ticket 01-08

2020 ShmooCon Hiring List 01-07

Tribe of Hackers: Red Team Edition 08-19

2019 DerbyCon Hiring List 08-18

2019 BH/DC/BSidesLV Hiring List 07-20

Grumpy Hackers 05-24

RSS Feed Fix 05-23

Bash Golf with Whois 05-20

VulnReport Install 02-28

2019 ShmooCon Hiring List 12-15

Wifi Feature Request: WPA handshakes 10-14

Erlang Authenticated Remote Code Execution 09-15

2018 KiwiCon Hiring List 09-09

2018 DerbyCon Hiring List 09-01

Stealing Certificates with Apostille 08-26

2018 BH/DC/BSidesLV Hiring List 07-27

Pass the Hash with Kerberos 07-24

Getting Hired: A Few Tips 07-22

A Few Changes 07-09

2018 ShmooCon Hiring List 12-28

Open Source Pentesting 10-27

2017 GrrCon Hiring List 10-16

Automatically deleting old Gmail email 10-12

2017 DerbyCon Hiring List 08-13

Dump LAPS passwords with ldapsearch 07-24

Security Affairs Questions 07-03

Dynamic DNS Update Module 06-25

Reset AD user password with Linux 06-23

Password Magic Numbers 05-06

2017 Shmoocon Hiring List 01-05

Buying Internal Domain Access 12-29

Passwordreq No - A hacker prospective 12-07

Blocking countries via iptables 10-28

Snagging creds from locked machines 09-06

2016 DerbyCon Hiring List 08-17

BlackHat/Def Con/BSides Talk Picks for 2016 07-24

Linkedin NXDOMAINs - Purchased Pwnage 06-17

SMB/HTTP Auth Capture via SCF File 06-14

WPAD Persistence 05-22

Kerberoasting - Part 3 05-22

Kerberoasting - Part 2 05-21

Kerberoasting - Part 1 05-20

BlackHat USA 2016 05-01

Metasploit Minute 04-04

Another Blogging Platform 03-26

2016 Shmoocon Hiring List 01-04

Reverse Proxying Attacker Tools 12-31

Intel NUC Super Server 11-18

Meterpreter show_mount 11-02

Time 10-25

R5 Industries 10-14

DotNet's DNVM For Persistence On Developer Machines 10-05

Hiding Desktop Icons For Presentations On OSX 10-02

Hacking Advice For @Krystropolis 09-24

Get PasswordLastSet Time For Domain Controller Accounts 09-16

Using Domain Controller Account Passwords To HashDump Domains 09-15

2015 DerbyCon Hiring List 09-14

Tres Lessons From Pied Piper Delete Key Hack 09-10

Back to Blogger 09-07

pfSense without Internets 02-17

2015 ShmooCon Hiring 01-13

Powershell Popups + Capture 01-12

Full Disclosure - SingleClick Connect 09-15

OSX Persistence via PHP Webshell 09-09

Milkman: Creating processes as any currently logged in user 08-14

The Internets Own Boy 07-10

Why good leaders make you feel safe 05-27

Go home InfoSec, you're drunk 05-26

Installing PyCrypto on OSX Mavericks 05-21

Effective NTLM / SMB Relaying 05-21

CCDC Red Teamer's Creed 05-20

Dumping NTDS.dit domain hashes using Samba 05-14

Executing code via SMB / DCOM without PSEXEC 04-19

Iterative DNS Brute Forcing 02-19

Hostname bruteforcing on the cheap 01-29

Attacker Ghost Stories - ShmooCon 2014 01-18

Application Whitelist Bypass using IEexec.exe 01-16

Installing Metasploit Community Edition on Windows 8 01-13

ExtAPI Pranks 01-10

Alive Again 01-09

Metasploit Minute - Mondays with Mubix - Episode 1 01-06

All Posts

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014