Author

Author, Derek Banks, General InfoSec Tips & Tricks, InfoSec 101

Developing Hacking Kung Fu (or How To Get Into Information Security)

Derek Banks // More than occasionally I am asked how to get into Information Security as a profession. As attacks and breaches continue to escalate in frequency the demand […]

Read the entire post here

Author, Brian Fehrman, How-To, InfoSec 301

Evil Twin: WPA2 Enterprise Syle on Kali 2.0

Brian Fehrman //

Read the entire post here

Author, How-To, InfoSec 201, John Strand AV, firewalls, Kill your AV, say no to networks, turn off networks

The New Security Fundamentals – Kill Your AV

John Strand // AV is Dead Long Live Whitelisting. We have been discovering more and more of our tests bypass AV controls with ease. We have yet to see any iteration or […]

Read the entire post here

Author, InfoSec 201, John Strand

How Compliance Compromises Happen. (Or, The Most Boring Article Title in the History of All the Internet…)

John Strand // There have been quite a few articles lately on how compliance standard X or Y is broken. Unfortunately, this often leads to blaming the nameless and faceless people behind the […]

Read the entire post here

Author, Joff Thyer, Password Spray, Red Team Joff Thyer, password spraying, RPCCLINET

Password Spraying & Other Fun with RPCCLIENT

Joff Thyer // Many of us in the penetration testing community are used to scenarios whereby we land a targeted phishing campaign within a Windows enterprise environment and have […]

Read the entire post here

Author, External/Internal, Joff Thyer, Red Team AV, AV evasion, modifying measpoilt, shellcode

Modifying Metasploit x64 template for AV evasion

Joff Thyer // When performing a penetration of test of organizations with Windows desktops, many testers will now resort to using tools like Veil’s Powershell Empire in order to […]

Read the entire post here

«‹ 52 53 54 55