Discovering the Anti-Virus Signature and Bypassing It

October 24, 2019

In this post, I am going to go over how to find the specific Anti-Virus signature using manual testing and then show techniques that can be used to bypass them. I am a big fan of LOLBins so we are going to focus on the binary Regsvr32, which is a known binary that can be…


Buying Internal Domain Access Again

October 3, 2019

So, this post is inspired by some very interesting research done by @mubix that you can read about here, as well as this amazing post by Tim Medin here. After reading Mubix’s post, I was whipped into a frenzy and purchased several domains. I realize that these posts are both several years old, but this idea has…


Three Most Common Security Flaws (and How to Fix Them)

August 27, 2019

When it comes to physical security, the most common things we see are hardware vulnerabilities or human error (through social engineering attacks, failure to follow security guidelines, or no knowledge of security protocols). We have successfully broken into everything from locally run neighborhood shops to banks, power plants, hospitals, factories, law firms, and everything in…


Tracing DNS Queries on Your Windows DNS Server

July 16, 2019

During a recent engagement, I successfully deployed a wildcard Domain Name System (DNS) record in conjunction with Responder. Within minutes, a misconfigured host made a query for a non-existent DNS record and was poisoned into connecting to our Responder instance. Unfortunately, the account was privileged enough that domain compromise was achieved. The techniques and tools…


Mobile Hacking: Using Frida to Monitor Encryption

July 9, 2019

This post will walk you through the creation of a Frida script that will be used to demonstrate the usage of the Frida Python bindings. The Frida script will be used to monitor encryption calls and capture details about the encryption type and keys in use. We will learn how to send messages from Frida…


On the possibility of obfuscating code using neural networks

June 11, 2019

In this blog post, I will cover the current state of my research investigating the possibility of using neural networks to hide shellcode. But before we dig in, I will provide a little background information. For those unfamiliar with neural networks, they are a type of computer system design that is inspired by how human…


Owning O365 Through Better Brute-Forcing

May 14, 2019

TL;DR: User Enumeration is key. Done enumerating? Do more. The classic passwords still work. Once you get some credentials, get more. Office 365 (O365) has become a trend in organizations. More and more, administrators are offloading their mail to The Cloud™. No longer are admins shackled to their Exchange servers, executing patch after patch in…


Next Gen Phishing – Leveraging Azure Information Protection

April 25, 2019

In this blog post, I will go over how to use Azure Information Protection (AIP) to improve phishing campaigns from the perspective of an attacker. The idea came during an engagement where I was having trouble getting phishing emails into users’ inboxes without being caught by a sandbox on the way. During this engagement, it…


Five Thoughts on Securing Multi-Cloud Environments

March 19, 2019

As its name suggests, a multi-cloud environment is a network that utilizes the services of more than one cloud provider. There are many different ways that multi-cloud infrastructures can be designed, and a primary topic of discussion is how to properly secure these environments. No single cloud service provider has the best environment for every…


SDR: Entering the Noise Floor

February 25, 2019

First, I would like to preface this article by saying that gr-limesuite and the LimeSDR drivers are updated fairly regularly. Some of the issues that I have encountered in the past have been remedied by recent updates. With that said, the information in this article should remain relevant, but the pictures may vary with subsequent…
