Blog
view all tagsUsing Powershell to manage binary registry keys
Getting and setting REG_BINARY keys
April 11, 20251 minsopenRT Vulnerabilities
A review of the openRT appliance as we walkthrough exploiting an RCE and then privilege elevation
February 20, 20254 minsWindows 11 - Enable "Firmware Protection" by InTune or otherwise
Using InTune or otherwise, you may struggle to enable Microsoft's feature "Firmware Protection"
January 05, 20241 minsTime to Shutdown CT Advisor
Shutting down certificate monitoring
February 16, 20233 minsMy Cats implement Diffie Hellman in Powershell
A minimum algorithm specification
December 20, 20222 minsHow vssshield kills ransomware
Live demonstration of vssshield protecting shadow copies
November 05, 20223 minsEncoding Neil Madden's Psychic Signatures
CVE-2022-21449 ASN1 Encoding
June 21, 20223 minsUsing Microsoft Sentinel to roll honey tokens on Windows
Proactive incident monitoring
May 09, 20222 minsExploit for many Wordpress themes - CVE-2022-0316
Exploit poc
February 04, 20221 minsUsing Azure MFA for on premises Active Directory
Protecting assets with Azure MFA without going cloud
December 02, 20219 minsNeutralising Script Based Ransomware
Neutralising Script based ransomware
July 25, 20212 minsReact XSS Protection Cheat Sheet
Secure use of React and XSS
June 20, 20217 minsObtaining Corporate Credentials via the Autodiscover Circus
Obtaining Corporate Credentials via the Autodiscover Circus
September 02, 20204 minsSecure Active Directory management with PAM and JEA
Active Directory Domain Just Enough Administration and Privileged Administration
July 13, 20196 minsDumbest pentesting script to ever succeed
Getting service account credentials where you shouldn't
July 09, 20191 minsAbusing Google Safebrowse for phished credentials URLs
What safebrowse looks for, and finding it yourself
May 12, 20193 minsHack The Box DAB Writeup Security Assessment
Hack the box 'DAB' writeup
February 03, 20194 minsReverse engineering GoDaddy's tracking script
Reverse engineering GoDaddy's tracking script
January 14, 20196 minsEnumerating Azure Federated Domains
Discovering more than just subdomains
May 09, 20182 minsSecurity and Caching headers with S3 websites
Using Lambda @ Edge to set headers
March 22, 20182 minsOpen Source marketing after two years
CT Advisor has been auditing transparency for two years
January 16, 20183 minsIntercepting and Capturing MFA Logons
That push notification isn't a silver bullet
August 01, 20173 minsThe bloat of AMP
Because fast means more Javascript
July 04, 20173 minsUsing Hadoop with Clojure to process Active Directory Data
Because Excel has a maximum theoretical limit of one row
June 02, 20174 minsNetregistry has no support for MFA either
Because domains don't need security apparently
May 10, 20171 minsContinuous Backup Tests with Docker
Using docker to automate a database restoration and continuously test backups
February 02, 20174 minsAwesome security audit
Is it a real security audit, or is it a React/Typscript template? Why not both?
November 24, 20161 minsmwave requests bank logins of customers
Apparently mwave actually think a reasonable method of running ecommerce is to simply ask for the logon to your online banking.
November 17, 20161 minsThe improving state of SSL deployment
Certificate Transparency monitoring service gives us great new insights into the increasing deployment of SSL certificates
October 20, 20163 minsIntelligent Backend Routes with Rails and nginx
How to avoid passing silly URLs to your backend
July 17, 20164 minsUse protobufs - now
Benchmarking protobufs against JSON
May 23, 20163 minsArgon2 code audits - part one - Infer
Using Facebook Infer static analysis tool against argon2
February 12, 20164 minsLet's Encrypt - It's happening
Trialling early Ruby ACME client for Lets Encrypt
October 27, 20152 minsTesting ReactJS for XSS vulnerabilities
A test hardness to smoketest ReactJS for XSS vulnerabilities
August 19, 20152 minsProperty based tests, contracts with Ruby
Property based tests, contracts with Ruby
July 19, 20156 minsConcurrent Vulnerability scanning with Erlang
Mass Concurrent Vulnerability scanning with Erlang
June 15, 20152 minsFuzzing nginx - Hunting vulnerabilities with afl-fuzz
Fuzzing nginx with afl-fuzz for vulnerabilities
April 28, 20155 minsnginx - Built against LibreSSL
nginx - Built against LibreSSL
April 06, 20151 minsTaking the Matasano Crypto Challenge
Blog on the process of taking the cryptopals / matasanto crypto chalenge
September 15, 20146 minsHP D2D / Storeonce Backdoor
HP's D2D Backdoor passwords
May 29, 20141 minslibscrypt - password hashing library
libscrypt - password hashing library
April 01, 20141 minsConnectwise Password Recovery
Connectwise user password recovery from poor encryption
October 02, 20131 minsLolDNS
LolDNS
September 23, 20132 minscPanel Wordpress version/vulnerability scanner
cPanel Wordpress version/vulnerability scanner
September 23, 20131 minsForensic research into an FX29 Compromise
Rio Rizaldy, owned
March 14, 20131 minsMcAfee Updater - I just shat on your filesystem
This document discusses a vulnerability in McAfee’s updater. The download for this, and a KB article discussing it, is found here: https…
December 12, 20123 minsHP P2000 on VMware - LUN 0
HP P2000 on VMware - LUN 0
December 12, 20125 mins