It’s that time of year again, time to look back on breach data from the previous year, and reflect on trends. A little history is needed before jumping in. I started cataloging breach data about 3 years ago and have tried to capture 3 critical attributes…

Learn how to disable or DOS (Denial of Serice) attack your own wifi. Using Kali Linux you will be able to completely disable all connections to your wifi.

This is why the IMSI Catcher is so effective. It simply pretends to be a cell tower near your phone, then seamlessly connects to it, and starts to harvest information.

After the classic VM bootstrap the first thing that I had to do is to obtain the IP of the target machine. Then I needed to use nmap…

My friend recently got hit with Dever ransomware. This blog post will talk about the network architecture of the environment, live incident response, an interesting prefetch, timeline of the attack, info on Dever ransomware, summary and IOCs.

Intro

There is a critical vulnerability in ThemeGrill Demo Importer that leads to database wipe and auth bypass. In the versions 1.3.4 and above.

The results are in! After 51 nominations whittled down to 15 finalists by a community vote, an expert panel consisting of Nicolas Grégoire, Soroush Dalili, Filedescriptor, and myself have conferred, v

Introduction There are several kinds of delegation implemented by using the Kerberos protocol. Basically, delegation allows a service to impersonate the client user to interact with a second service, with the privileges and permissions of the client itself.…

A penetration test report is more often tailored to multiple reading groups and as a result needs to be broken down into multiple sections for easier digestion by the business.

My write-ups to CTF challenges. Contribute to joshdabosh/writeups development by creating an account on GitHub.

Got another anecdotal one this week! In a short summary, here, I will walk through the role that DNS, and DNS servers play in an enterprise network. Then, I’ll demonstrate how we can glean ba…

Not all SSL configurations on websites are equal, and a growing number push for HTTPS everywhere. There is an increasing demand to check and quantify that little padlock in your browser. Some simple online tools provide

In this post, we look at different techniques to hide Windows API imports in a program in order to fly under the radar of static analysis tools.

Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths. - BishopFox/GadgetProbe

Researchers have discovered multiple instances of unsigned firmware in computer peripherals that can be used by malicious actors to attack laptops and servers running Windows and Linux.

This is no basic listicle

I‘m going to share an (ab)use of a Windows feature which can result in bypassing User Group Policy (as well as a few other interesting…