AV Evasion

My job involves lightweight pentesting and vulnerability assessment and such is the nature that clients know what I want to accomplish and will happily white-list any script I ask them to, but what's the fun in that? Researching methods to bypass AV and thinking of methods to just not write to disk, showed that AV... Continue Reading →

Simple Buffer Overflows (x32)

Before I did PWK, I had a hard time wrapping my head around buffer overflows. Even after taking an Assembly course in college, I was still fuzzy on how they really worked. Eventually, after watching countless videos, asking a ton of questions on Reddit, and doing PWK, I wrote it out for myself with pictures.... Continue Reading →

Exposing Phishers via Bad OpSec

I got a phishing email at work forwarded to me and was surprised it got through our filter. Looking at it, it was an email with the subject line “Confirm your identity” with an .HTML attachment. Opening the .html attachment up shows a pretty legit looking PayPal page. I put in some bogus info and... Continue Reading →

Using Bloodhound to Map the Domain

Bloodhound is an extremely useful tool that will map out active directory relationships throughout the network. In a pentest, this is critical because after the initial foothold, it gives you insight on what to attack next. In enterprise domains with thousands of workstations, users, and servers, blindly exploiting boxes is a sure way to get... Continue Reading →

Create a website or blog at WordPress.com

Up ↑