Reversing Type 7 Cisco Passwords
While working on a recent pen test, I came across a few Cisco routers sitting on an internal ...
Continue Reading
We're Just Like the NSA, and Nothing Like Them
During penetration tests, and especially scoping calls, we often get quizzed about what secret, ...
Continue Reading
Red Teaming - Not What You May Have Thought
Lately, I’ve been doing a lot of reading on some less technical topics and I ran across “Red Team: ...
Continue Reading
Five Outdated Security Excuses
The Security Industry as a whole has been known to criticize businesses large and small with ...
Continue Reading
Introduction to Metasploit Video
The Metasploit Framework is a key resource for security assessors. Whether you’re goal is to become ...
Continue Reading
Introducing Burp Correlator!
This one is for you web penetration testers! This new Burp extension is designed to help with ...
Continue Reading
Practical Pentest Advice from PCI
The PCI Security Standards Council released a Penetration Testing Guidance information supplement ...
Continue Reading
Tip: Running BurpSuite on a Mac
Here’s a quick tip I use to save some time when spinning up Burp Suite on a Mac. I use Burp Suite ...
Continue Reading
Patching binaries with Backdoor Factory
When was the last time you downloaded a binary file from the Internet or grabbed one off of a ...
Continue Reading
Don't Forget the Little Things!
On January 31st, Deusen disclosed what was described as a Same Origin Policy Bypass flaw called ...
Continue Reading
CarolinaCon 11 Slides for Anatomy of Web Client Attack
For those who have asked – my slide deck for Anatomy of Web Client Attacks can be downloaded here. ...
Continue Reading