Posts by Category

Security

Automation Through Azure DevOps with Bob

10 minute read

Several months ago, our team moved into the realm of automation through the use of Azure DevOps. I would say that evolution is a necessary cycle that occurs,...

Changeling - A Feature Morphing Creature

9 minute read

There has been a lot of good work over the past several months surrounding the idea of improving payload development and generation for pentests and red team...

Domain Fronting, Beacons, and TLS!

6 minute read

These posts have been too few and far in-between lately. But today I came across something that may save some poor red teamer a little bit of troubleshooting...

My OSCE Review

13 minute read

About a year ago, I received the most satisfying e-mail I had ever received. It was from Offensive-Security, and it was stating that I had successfully obtai...

SLAE Exam 7 Custom Crypter

4 minute read

Today we’re throwing down the landing gear and finishing up with SLAE! It’s been a great ride and I’ve learned a lot on the journey. With this last assignmen...

SLAE Exam 6 Polymorphic Shellcode

4 minute read

So, I’ve been on a slight hiatus from the SLAE because my lab time for OSCE began right as I was finishing this up. So, I put this on pause to complete that....

SLAE Exam 5 Shellcode Analysis - Part 3

5 minute read

Now, we’re cooking! We previously looked at two MSF payloads, read_file and the staged version of a bind_tcp shell. Now, we will look at one of the most comm...

SLAE Exam 5 Shellcode Analysis - Part 2

7 minute read

I’m about to make up for some lost time! Today we’re moving straight into part two of assignment 5. We’ll be following the same basic analysis process, but i...

SLAE Exam 5 Shellcode Analysis - Part 1

5 minute read

Man, I’ve been slacking. It’s currently 8:45PM, I’m sipping on some sweet Colombian medium-roast coffee, and it’s way too late for that. I’ve gotta get this ...

SLAE Exam 4 Custom Encoder

4 minute read

It’s a good day to be back in the lab. I’m stuck chugging some solid H20 today while taking a look at writing custom encoders for our shellcode. Today we’ll ...

SLAE Exam 3 Egg Hunter Shellcode

8 minute read

I’m flying high right now. No, not because I’ve successfully completed another SLAE assignment. I’m literally flying high, around 30,000 feet, on my way to d...

SLAE Exam 2 TCP Reverse Shell

5 minute read

No coffee tonight. It’s too late for that. It’s not that this assignment took long at all, but there were several things I had to do before I could finish th...

SLAE Exam 1 TCP Bind Shell

7 minute read

The SecurityTube Linux Assembly Expert (SLAE) exam is an open-source format that requires the test taker to blog each answer of the 7-part test. The instruct...

Cisco Prime Collaboration Provisioning RCE

2 minute read

Sometimes, as part of my day job I get to go out and do penetration testing for random places. The past two weeks I’ve been lucky enough to be on my second p...

My OSCP Experience

16 minute read

When I was young, around the age of 12, I thought that becoming a Certified Ethical Hacker was THE goal in life I wanted to accomplish. Ten years pass by and...

Back to top ↑

Gist

Two Stacks as a Queue

3 minute read

Before starting work each day, I like to set aside some time to warm my brain up by completing a small coding/algorithmic challenge. These challenges are oft...

Custom Domains with SSL for Github Pages

3 minute read

In a previous post, we discussed how to set up a Jekyll-based blog to be hosted using Github Pages. The process is straight-forward, and also free! So, if yo...

How to Set Up a Jekyll Blog

3 minute read

So, you want to start blogging, and you should! Blogging is a great way to relax, share information, and reinforce new topics that you may be learning about....

Back to top ↑