Next Gen Phishing – Leveraging Azure Information Protection

April 25, 2019 | By:

In this blog post, I will go over how to use Azure Information Protection (AIP) to improve phishing campaigns from the perspective of an attacker. The idea came during an engagement where I was having trouble getting phishing emails into users’ inboxes without being caught by a sandbox on the way. During this engagement, it…


Local Admin Access and Group Policy Don’t Mix

January 24, 2019 | By:

Having spent a career working with Group Policies, I thought now might be a good time to give an overview of it and I felt like doing a little writeup about Group Policies. I especially want to highlight why having admin access to clients can be really bad. It is important that everyone understands the weaknesses…


Oddvar Moe

October 08, 2018 | By:

Oddvar Moe Track 1: #LOLBins – Nothing to LOL about! You have probably heard the term LOLBin, LOLSCript or LOLLib by now. Want to get more insights on that? Then this is the talk you want to attend. This talk will cover the Living Off The Land Binaries and Scripts (LOLBAS) project, what the project…