Disabling Symantec AV for pentesting
Endpoint security tools can be a real pain when trying to get accurate vulnerability scans. Some tools go so far as to kill off a generic Nessus scan. Each has its own bypass mechanism.
Author: Chris
Email attack analysis on a rainy Friday
After several weeks of nothing happening malware-related at work, my phone pinged and alerted me to someone caught red-handed clicking on something they shouldn’t have.
Microsoft Exchange 2013/2016/2019 vulnerable to remote privilege escalation
Exchange 2013 or later fails to properly authenticate and validate certain requests, allowing a remote attacker with access to an Exchange mailbox to gain full Domain Administrative privileges.
Starting your pentest…with reporting?
Reporting might sound like an odd place to start a pentest. When most well-known pentesters say that reporting is one of the most important parts of the test, you tend to sit up and take notice.
Defense Tip – Regexs for Coin Wallet Addresses
I suggest putting these in your incoming mail filters to get alerts for possible ransom attacks. The recent spate of email-based bomb threats all contained wallet addresses.
Becoming a (better) pentester
In my never-ending quest to learn more about hacking in general, I’ve decided to take on a personal project and bone up on the skills required for penetration testing.
Secure File Sharing Tips
Here is a summary of some secure file sharing tips culled from a Twitter thread over the weekend.
HOWTO – Cracking WPA/WPA2 pre-shared keys
I was given the opportunity to run some tests against the wireless infrastructure at my office. The actual scenario is to deploy a rogue access point and start gathering intel on the organization. But I decided to take this a step further and do some pre-work to make a convincing rogue AP. What follows is my initial framework that I developed while researching how to crack a WPA/WPA2 pre-shared key network. I’ll revisit this and improve on it as I gain more experience.
Unmasking a Cloudflare protected site
Here are some tips for unmasking a site hosted behind Cloudflare. YMMV as I have not yet tested these.
Security Conferences near Greenville
Here’s a list of security conferences and events within a few hours’ drive of Greenville, SC. I am amazed at the number of B-Sides in the area after living at least 6 hours away from EVERYTHING for so long.