JavaScript and EmbedInHTMLPayload delivery is something that both threat actors and Red Teamers research. It always seems what is old can be new again and I was up…Sep 29, 2021Sep 29, 2021
Enumerating the Google Cloud Platform (GCP)I was tasked with something regarding the Google Cloud Platform (GCP). I didn’t have much experience so I needed to dig in and learn as I…Mar 8, 2021Mar 8, 2021
Have I been pwned? Have you been pwned?It really seems inevitable that organizations will seemingly expose their data, which includes your data. I know a few of my email…Jan 12, 2021Jan 12, 2021
Live for the journey, not the destination:No one asked for this. Do people ask for this?Jan 3, 2021Jan 3, 2021
Go make your own malicious binaryPresented with a task, if given a loose set of guidance, I’m going to follow my own path. It’s not always the case and I’m sure a lot of…Nov 20, 2020Nov 20, 2020
DC612 Talk CompanionThis is a companion post to list all the links and some further information that I found to be helpful.Jul 11, 2019Jul 11, 2019
VirtualBox and Networking with Squid and SnortComing from the Windows side of the house in networking, putting together a physical network with some logical design wasn’t that…Mar 13, 2019Mar 13, 2019
Finding and Decoding WebSphere Application Server passwordsAs an internal tester of pens, I’m always on the lookout for things I should not be able to see/find/access. Obviously this pertains to…Jan 30, 2019Jan 30, 2019
Pi Zero FM RadioSimilar to my story about the SanDisk Connect device, this idea started it’s roots in my trip to DefCon 2018, specifically my experience…Nov 9, 2018Nov 9, 2018
Portable WPA2 AP for wireless capture trainingThis summer (2018), I was finally able to get to the desert for hacker summer camp. It was the first large scale security conference I was…Oct 12, 2018Oct 12, 2018