Clik here to view.
Intel NUC Super Server
Hi. I'm Rob... and I have a problem. Lets just say, when you find the limitations on Amazon's wishlist features for single items, you know you have a problem. My problem? I'm kinda addicted to Intel...
View ArticleClik here to view.
Automating PowerShell Empire Install
PowerShell Empire is an excellent tool and can outperform Metasploit in a few crucial ways simply because it’s using Window’s native scripting language, PowerShell. To this end, it is nice to have...
View ArticleClik here to view.
Reverse Proxying Attacker Tools
Ever want to have all of your C2 go to the same box, have the functionality of Meterpreter, and Empire, while making it so if anyone goes to the actual site of your C2 all they get is something like...
View ArticleClik here to view.
2016 ShmooCon Hiring List
Created the 2016 UNOFFICIAL ShmooCon Hiring List. To get on the list is even easier now! Just complete the following form: http://goo.gl/forms/pbYI0TZ9dG(One small tip, first come first serve, so if...
View ArticleClik here to view.
Full Disclosure - SingleClick Connect
Update: I originally posted this to the Full Disclosure mailing list but for some reason it wasn’t accepted via the moderator so I’m posting it here. First, so that the information does get out there,...
View ArticleClik here to view.
Powershell Popups + Capture
Metasploit Minute has entered into it’s 3rd “season”. And we kick it off with using the Metasploit capture modules to capture creds from this powershell popup. The cool thing about this is you can...
View ArticleClik here to view.
2015 ShmooCon Hiring
It’s often tough from both hiring and job hunters to find one another at conferences. I think this is mostly because of a couple things.No one wants to stand at a both on either side and talk job stuff...
View ArticleClik here to view.
pfSense without Internets
A while back I needed to set up a pfSense box for CTF/example stuff that didn’t and wouldn’t ever have Internet connectivity. Doesn’t seem like much of a task right? Just pop it in and go. Problem is...
View ArticleClik here to view.
Back to Blogger
I’ve had my fare share of “trying new things” after SquareSpace. I tried Ghost, Octopress, Wordpress, and about 30 others in between. All the blogging platforms I tried had some major issues that I...
View ArticleClik here to view.
Reverse Proxying Attacker Tools
Ever want to have all of your C2 go to the same box, have the functionality of Meterpreter, and Empire, while making it so if anyone goes to the actual site of your C2 all they get is something like...
View ArticleClik here to view.
Reverse Proxying Attacker Tools
Ever want to have all of your C2 go to the same box, have the functionality of Meterpreter, and Empire, while making it so if anyone goes to the actual site of your C2 all they get is something like...
View ArticleClik here to view.
2016 Shmoocon Hiring List
Created the 2016 UNOFFICIAL ShmooCon Hiring List. To get on the list is even easier now! Just complete the following form: http://goo.gl/forms/pbYI0TZ9dG(One small tip, first come first serve, so if...
View ArticleClik here to view.
Another Blogging Platform
Yes yes yes, I know, another platform, but guess what, it’s my blog, so ne-ner-ne-ner-ne-nerHugo removed what I didn’t like about Octopress (the generating / pushing of content using a mix of branches...
View ArticleClik here to view.
Metasploit Minute
Metasploit Minute Season 6 is on the air! I know we have been away for a long while. The first episode is posted https://www.patreon.com/posts/5083466 each Monday a link will be posted on the Patreon...
View ArticleClik here to view.
BlackHat USA 2016
Once again, @egyp7 and I will be teaching both our Metasploit Basics course as well as the Mastery Course.
View ArticleClik here to view.
Kerberoasting - Part 1
Previous works: There has been a number of differnet blog posts, presentations and projects that have happened before this post and I will reference a number of them during the post and at the end have...
View ArticleClik here to view.
Kerberoasting - Part 2
Previous works: There has been a number of different blog posts, presentations and projects that have happened before this post and I will reference a number of them during the post and at the end have...
View ArticleClik here to view.
Kerberoasting - Part 3
Previous works: There has been a number of different blog posts, presentations and projects that have happened before this post and I will reference a number of them during the post and at the end have...
View ArticleClik here to view.
WPAD Persistence
Mostly just writing this so I can keep notes.Today I came up with the idea to forcibly put the WPAD entry into a Windows Domain’s DNS. For those who don’t know what this would do there is an entire...
View ArticleClik here to view.
SMB/HTTP Auth Capture via SCF File
Recently saw a link to an SCF file. Didn’t know what those were so I went digging. Turns out they are a simple text based file that controls Windows Explorer. ;-)Here are the examples I found via the...
View Article