Cracking password hashes with Google Colab - FOR FREE!
I recently found myself on an engagement without a viable cracking rig. While searching for alternative ways, I came across some methods utilizing Google’s C...
I recently did a talk at RVASec (great con btw) regarding USB drop assessments. I hesitated on submitting the talk as I was concerned that the interest level...
Consultants have to wear many hats and occasionally that includes being a project manager for the more complex assessments. While traditionally there are pro...
Shodan gets a bad rap. Many of you have probably heard the connotation that Shodan is “the world’s most dangerous search engine” or “dark Google” and it’s so...
Shodan’s a search engine which helps find systems on the internet. It’s a great resource to provide passive reconnaissance on a target or as a measuring tool...
One of the areas of interest that first led me to become passionate about security was the Game Genies and Game Sharks. I thought it was fascinating to ...
While researching some ways in which to obtain Domain Admin within an organization, I started playing around with Responder and figured I would share a quick...
When you hear that you can steal user hashes from locked machines, everyone’s ears perk up. This attack vector has been around for almost a year now, which s...
I’m not a programmer by trade and only have limited experience by just hacking and slashing existing code to accommodate my needs for work/pen testing. In an...
I haven’t had a chance to watch all of the Mr. Robot series but this machine was a lot of fun. What I particularly like is that you are rewarded if you prope...
This was perhaps my favorite Kioptrix series and really felt like an OSCP-type machine. Once I got more time, I exploited this machine without Metasploit whi...
This set-up is slightly different than the images previously in the series, as it’s a hard-drive file that you attach to your manually created VM. While it s...
There are a ton of different ways to achieve the same result on this machine which is what I liked most about this one. It wouldn’t be a bad idea to do this ...
This is the updated image (as the previous option fixed a few bugs) but from my understanding it roughly works the same for both. This is certainly a beginne...
The Kioptrix series is a great starter boot2root series. It increases in difficulty in a gradual flow and can really help hone your enumeration process. If a...
The SickOS series from VulnHub gives you a small taste of what to expect while pursuing your OSCP. Below is a walkthrough of how to compromise SickOS 1.2 and...
The SickOS series from VulnHub gives you a small taste of what to expect while pursuing your OSCP. Below is a walkthrough of how to compromise SickOS 1.1 and...
If you’re looking to hone some of your shell skills then the OverTheWire: Bandit series is certainly a step in the right direction. By the time you finish, y...
When conducting security reviews (penetration tests, vulnerability assessments, etc.), understanding what HTTP request methods exist can become imperative to ...
Anyone in InfoSec always gets asked this question, “How do I become a hacker” and “Where do I start”. I’ve been getting it an abnormal amount as of late so I...
Currently I’ve been toying with the security implications that can be imposed on an organization around authentications based on your phone’s proximity and pu...
There are tons of OSCP reviews floating around the web so I’ll keep the fluff to a minimum, to better make use of both our time. If you want to get to the me...
Msfvenom (which replaced the former msfpayload and msfencode tools) is a tool that can be used to generate payloads as standalone files and encode them if need...
Netcat, which has been famously labeled as the “Swiss army knife of hacking”, is a networking utility used for reading/writing from TCP/UDP sockets, port scann...
Below are some helpful tricks to spawn a TTY shell in the event you need to further interact with the system. These are also helpful in breaking out of “jail...
A lot can be said about buffer overflows and they are perhaps the most daunting part of attempting the OSCP for most. However, as you'll find in most of your...
I’ve thought about making my own blog for several years now and I finally took the leap! I figured this would serve as a good place to put my thoughts into w...