ØSecurity

One of the only things holding me back from using Firefox over Chrome was the behavior of the tabs. I absolutly hated having to scroll back and forth to find a tab, and

Nmap can take script arguments in a fashon such as the following nmap -Pn -sU -sS --script "smb* and not smb-brute and not smb-flood and not smb-psexec and not smb-enum-shares" -T4

One thing that continues to amaze me is that anytime something like this hits the news, IOC's are limited to what files (by name) it drops. Ya know what's even more useful? Hashes,

I've seen the python pty trick in a few places, first when taking OSCP labs. However, if you've noticed there's still some problems. 2 years ago at HackFest @r00k did a presentation where

This is a problem I've run into several times in the past, so I wanted to document this a bit. While processing certificate signing requests (CSR's) I've occasionally had external entities send the

Finally found a live site mining crypto currency tonight. Really quick post on detection. WARNING! As of this writing, this site drives CPU to >70% and mines cryptocurrency. As far as I

I've read a few of the FUZZBUNCH / ETERNALBLUE / DOUBLEPULSAR tutorials, and decided to create my own. The others work, but I found one or two things that I modified, and always like to

Brief tutorial/walk through. We will be creating a cookie (manually) for testing, and a very basic test site containing a script that could be embedded in a site via XSS, and then

Most StackOverflow questions which cover narrowing down the source of traffic on a machine deal with TCP or UDP. There's a few for other protocols, but ICMP isn't one that I saw a

I suppose you could call this another "First (X) Things to Do". I'm talking about the installed version of putty here, and really there isn't much to do. There's really only

One issue I've had with the new hashcat 3 is the ability to run it within 32-bit linux VM's. Intel doesn't make 32-bit OpenCL drivers. IBM made some back in 2011 apparently (PDF

I was trying something very simple today on Kali 2016.1 (Kali 2 rolling), passing the hash to an RDP session based on this Kali blog post. It should have been as simple

BeEF XSS Framework is awesome. However, I wasn't getting good results on port 3000. I have the feeling the firewall on or between the target host was blocking this port. To test this,

I'm working through exercises in pen-testing and I ran into an slight problem. How do I tell what user I'm currently logged in as? whoami - Doesn't work, box is too old (pre-vista)

I found a very useful script for automating the installation of the OSSEC HIDS agent on RHEL/CentOS servers. This isn't mine, all credit goes to whomever runs 13Cubed. It automatically pulls down

Some quick notes on what nmap scans by default, the commands below will give you the ranges scanned, and there's also some lists suitable for copy/pasting. Top 1,000 TCP Ports: nmap

The official announcement is on the Hashcat forums. This is amazing news, I can't wait to see what this brings. Among the things I can't wait for... OSX Support Huge improvements in several

I reinstalled Windows 10 the other day and realized that there were several settings I needed to tweek, so in the spirt of my Kali post, here's Windows 10 First Things. 1) Uninstall

Lack of updates, I know, I'm still busy. Today's entry is a direct copy and paste from the Kali site. In case you missed it (like I did) Kali 2.0 handles Metasploit

So I think it's time for my first "opinion piece". This is in response to the following article, and several tweets I've seen saying that pulling security clearances is a bad

I've been using KeePass for years. A while ago I also started using the expire function. However, only a handfull of my accounts actually have this turned on so far. I've been meaning

I'll add this to it's own post, instead of my KeePass tutorial, since it's a more advanced feature. There's a way to launch RDP sessions with KeePass, making it much easier for sysadmins

There's a ton of examples of this kind of script, but for some reason each one I tried gave me an error. I'm not sure if it was due to powershell version changes

So a while ago I did a short piece on extracting malicious VBA, something I seem to run into more and more. Today I ran into a different attachment. It was a .zip