Clik here to view.
2017 GrrCon Hiring List
Created the 2017 UNOFFICIAL GrrCon Hiring List. To get on the list is even easier now! Just complete the following form: https://goo.gl/forms/ddfN6gHPbCJweGUw2(One small tip, first come first serve, so...
View ArticleClik here to view.
Open Source Pentesting
My talk today at Wild West Hacking Fest was about some documents that I released here. I’ll make this blog post more indepth later but for right now I wanted to get the slides out.(If you can’t access...
View ArticleClik here to view.
2018 ShmooCon Hiring List
Created the 2018 UNOFFICIAL ShmooCon Hiring List. To get on the list is even easier now! Just complete the following form: https://goo.gl/forms/aDRYaH5wubSqWcUk1(One small tip, first come first serve,...
View ArticleClik here to view.
A Few Changes
For nearly a year I left a CoinHive miner up on the blog so that people that didn’t feel like or couldn’t afford a way to support the blog could do so via a bit of CPU power. Unfortunately during that...
View ArticleClik here to view.
Getting Hired: A Few Tips
In early August of 2017 I posted a few tips to Twitter regarding interviewing and getting hired in general. I’ pasting them here to preserve them. I only had 140 characters to make these, and I think...
View ArticleClik here to view.
Pass the Hash with Kerberos
This blog post may be of limited use, most of the time, when you have an NTLM hash, you also have the tools to use it. But, if you find yourself in a situation where you don’t have the tools and do...
View ArticleClik here to view.
2018 BH/DC/BSidesLV Hiring List
Created the 2018 UNOFFICIAL BlackHat, DEF CON, BSidesLV Hiring List. To get on the list is even easier now! Just complete the following form: https://goo.gl/forms/dIjQHTPLk7ZYyv5D2(One small tip, first...
View ArticleClik here to view.
Stealing Certificates with Apostille
At Def Con 26, @singe and @_cablethief gave a talk on enterprise wireless attacks. When it’s video is released you should check it out.During that talk, they quickly touched on a tool written by Rogan...
View ArticleClik here to view.
2018 DerbyCon Hiring List
Created the 2018 UNOFFICIAL DerbyCon Hiring List. To get on the list is even easier now! Just complete the following form: https://goo.gl/forms/K6kfOY5dHH6lcQm63(One small tip, first come first serve,...
View ArticleClik here to view.
2018 KiwiCon Hiring List
Created the 2018 UNOFFICIAL Kiwicon Hiring List. To get on the list is even easier now! Just complete the following form: https://goo.gl/forms/hfftscOGBWp14Ust1(One small tip, first come first serve,...
View ArticleClik here to view.
Erlang Authenticated Remote Code Execution
Erlang is a programming language that I have tried to learn a few times in the past but never really dug in, that is, until recently.Erlang is an interesting language because it has “built-in...
View ArticleClik here to view.
Wifi Feature Request: WPA handshakes
I have a bit of a feature request for all wireless assessment tools out there:Many times before arriving on site for an assessment, I’ll know the ESSIDs of a target wireless network for a client....
View ArticleClik here to view.
2019 ShmooCon Hiring List
Created the 2018 UNOFFICIAL ShmooCon Hiring List. To get on the list is even easier now! Just complete the following form: https://goo.gl/forms/I4sbeEpxMwNI6qn33(One small tip, first come first serve,...
View ArticleClik here to view.
VulnReport Install
A co-worker referenced a pretty cool tool released by @SalesForce’s security team called “VulnReport“I wanted to try it out so I checked out their Github report to start the install:...
View ArticleClik here to view.
2018 ShmooCon Hiring List
Created the 2018 UNOFFICIAL ShmooCon Hiring List. To get on the list is even easier now! Just complete the following form: https://goo.gl/forms/aDRYaH5wubSqWcUk1(One small tip, first come first serve,...
View ArticleClik here to view.
A Few Changes
For nearly a year I left a CoinHive miner up on the blog so that people that didn’t feel like or couldn’t afford a way to support the blog could do so via a bit of CPU power. Unfortunately during that...
View ArticleClik here to view.
Getting Hired: A Few Tips
In early August of 2017 I posted a few tips to Twitter regarding interviewing and getting hired in general. I’ pasting them here to preserve them. I only had 140 characters to make these, and I think...
View ArticleClik here to view.
Pass the Hash with Kerberos
This blog post may be of limited use, most of the time, when you have an NTLM hash, you also have the tools to use it. But, if you find yourself in a situation where you don’t have the tools and do...
View ArticleClik here to view.
2018 BH/DC/BSidesLV Hiring List
Created the 2018 UNOFFICIAL BlackHat, DEF CON, BSidesLV Hiring List. To get on the list is even easier now! Just complete the following form: https://goo.gl/forms/dIjQHTPLk7ZYyv5D2(One small tip, first...
View ArticleClik here to view.
Stealing Certificates with Apostille
At Def Con 26, @singe and @_cablethief gave a talk on enterprise wireless attacks. When it’s video is released you should check it out.During that talk, they quickly touched on a tool written by Rogan...
View Article