SolarFlare Release: Password Dumper for SolarWinds Orion
TL;DR Here are the concerns I have regarding the SolarWinds/FireEye breach: The accounts stored in an organization’s SolarWinds Orion may be underestimated. I recently did a pentest for a firm that had...

User Empowerment: Password Security
World Password Day (who knew that was a thing?) is upon us. It is the first Thursday of May every year, and that falls on May 6th this year. I’m not sure how to start this blog post, but the meat of...

Beautiful Basics - Series
Today I keynoted @BSidesVancouver. It was an honor to be asked and I had a great time. Conference Link: https://hopin.com/events/bsides-vancouver-2022/ I talked about 11 lessons learned over my career...

Beautiful Basics: Lesson 1
Lesson 1 - YOU could be “Legacy” Stop thinking that just because it did or didn’t work X way when you learned it, it still does or doesn’t. That could be 20 years ago. Technology changes faster than...

Beautiful Basics: Lesson 2
Lesson 2 - Least Privilege No one should have administrative access. All elevated access should be checked out when you need it and checked back in (automatically if possible). Just like UAC. MFA...

LDAPSearch Reference
ldapsearch is an extremely powerful tool, especially for Windows Active Directory enumeration. It’s one of my primary tools when performing pentesting or red teaming against an environment with Active...

Blocking ISO mounting
Update: 10/15/2022 One of the hard parts of implementing a block like this is the concern that it will “break something”. The DFIR Report’s post on Bumblebee Round 2 has a great suggestion on how to...

Beautiful Basics: Lesson 3
Lesson 3 - Detection Reality People and Honey tokens are THE BEST detective tool you have. Go buy a Thinkst Canary, they detect me more than any multi-million dollar EDR. Period. Let me clarify...

Beautiful Basics: Lesson 4
Lesson 4 - User Blaming Security is NOT everyone’s job in the company. Stop trying to force the issue. It’s security’s job to enable, incentivize and protect. In the Marine Corps, I was taught that...

Simple PHP webshell with php filter chains
Recently found an LFI in a PHP application and one of the cool things I learned about recently was PHP filter chains. More info here:...