network
How to Create Custom Probes For NMAP Service/Version Detection
A post on how-to write NMAP version service probes via the nmap-service-probes file.
Professionally Evil Insights
how to verify pgp signature
How to verify PGP signatures
This post shows you how to do a pgp signature check with gpg
Vulnerability
Digging Between the Couch Cushions - CouchDB CVE-2021-38295 Breakdown
In this blog post we’re going to take a look at the recent CouchDB vulnerability, CVE-2021-38295, which I was credited with discovering. You can read...
Linux X86 Assembly - How To Test Custom Shellcode Using a C Payload Tester
Overview In the last blog post in this series, we created a tool to make it easy to build our custom payloads and extract them. However, what if we...
It Was The Best Of Times, It Was The Worst Of Times...A Tale of Two Passwords
Good passwords gone bad.
Low Hanging Fruit Ninja: Slashing the Risks of the Human Element
A long time ago in a galaxy far, far away, I was not a Security Consultant. I was a Chef. And I worked as a corporate Chef for an organization that...
How to configure BurpelFish
I recently was doing a pentest and was continuously looking up translations for words, and thought “there has to be a better way…”. That is when I...
Linux X86 Assembly - How To Make Payload Extraction Easier
Overview In the last blog post of the X86 Linux assembly series, we focused on how to make our Hello World payload friendly for use as a payload in...
A New Consultant’s 1st Con - Wild West Hackin Fest - Way West 2021
Last month, I found myself Googling: Is weed legal in Nevada? This was the day after arriving in Reno for Wild West Hacking Fest – Way West 2021. I...
Linux X86 Assembly - How to Make Our Hello World Usable as an Exploit Payload
Overview In the last two tutorials, we built a Hello World program in NASM and GAS for x86 assembly. While this can help us learn x86 assembly, it...
The Best Way to Capture Traffic in 2021
How can we do analysis without Wireshark? For Linux and macOS that utility has been tcpdump for quite a while; In Windows, we can use netsh.
Run as Admin: Executive Order on Cybersecurity
On May 12, 2021, President Biden issued an executive order on cybersecurity. This new order combines many trends we’re already seeing in the Fortune...