Introduction to MobiSec video
We just wanted to post a quick update to let you know about a new video. Kevin (working with James) ...
Continue Reading
Reading the Mandiant APT1 Report
Like a lot of folks, I downloaded and read through the Mandiant APT1 report as soon as I could. ...
Continue Reading
Active Defenses?
Active defense, often mistakenly called hacking back, is a common topic thrown around the security ...
Continue Reading
Where in the RSA is Kevin?
So RSA 2013 in San Francisco is coming up and I will be there for two different parts of the event. ...
Continue Reading
Grab a CORS Light
Many of you already know that any cross-site HTTP requests invoked from scripts running within a ...
Continue Reading
Laudanum by Example: Shell
Previously, I wrote a post providing a brief introduction to Laudanum. If you haven’t read it, or ...
Continue Reading
Introduction to Laudanum
As a security consultant, there are so many scenarios that I run into every day that there is no ...
Continue Reading
Hi, I'm with IT and I'm Here to Steal From You
Beware of the Unknown IT Grunt I decided to continue on with the same theme as Kevin’s post about ...
Continue Reading
WinPhone 7: Fiddler Setup
One of the many tasks on any penetration tester’s to-do list is to set up a web proxy for debugging ...
Continue Reading
Finding the Leaks
One of the common vulnerabilities we find when performing internal network penetration testing is ...
Continue Reading
Spear Phishing: "You guys are Shady!"
This post is part of our Professionally Evil series of posts that discuss some of the experiences ...
Continue Reading