General Blog

Here, you’ll find a mix of content beneficial to Sysadmins, my personal thoughts, and/or general Infotech topics.


Recent Posts

Disabling LLMNR and NBT-NS in Your Network

I’ve made a handful of articles on attacking LLMNR within Active Directory environments, but I’ve never made anything that helps IT Admins mitigate this vulnerability. This post intends to serve as a guide for patching this vulnerability that is enabled by default in Windows. Keep in mind that we need to not only disable LLMR, […]

Social Engineering Stories #1 | Advanced Email Protections Prevent Social Engineering! Or Does It?

Companies will spend thousands of dollars on advanced email security products. Security engineers and IT admins may spend countless hours configuring spam filtering policies, tuning their whitelisting/blacklisting controls, and may even go through advanced training to learn the ins and outs of premium services that guarantee to block every malicious email from the beginning of […]

Installing Covenant C2 on Windows

Covenant C2 is described by its authors as “A . NET command and control framework that aims to highlight the attack surface of . NET, make the use of offensive . NET tradecraft easier, and serve as a collaborative command and control platform for red teamers.” This post is meant to supplement a video that […]

Importing Email Addresses & Domains to Blacklist in Office 365 Using PowerShell

Preparing the List I recently had to migrate away from our third-party spam filter. I was able to get them to send us a CSV file that contains a list of all our blocked domains/email addresses, but that list was not very clean. For example, it looked like this with a mix of domains and […]

Symmetric Encryption vs Asymmetric Encryption

Symmetric Encryption A single, shared key is used to both encrypt and decrypt the data. You’ll want to handle this key with caution and only share it to those that need access to that data. Pros: Works great if we only need to secure data for a single machine or a single user. Very fast […]

Let’s Talk Basics About Cross Site Request Forgery (CSRF)

It became apparent to me that my understanding of CSRF was lacking, or uh, basically non-existent. This post aims to fix that! Come learn about it along with me. Note: This particular post is NOT a hacking tutorial on abusing CSRF, though I’m sure I will post one in the near future (make sure to […]

Have a WebApp? Here Are Three HTTP Headers Leaking Your Server Information

This post intends to discuss the three most common HTTP headers that leak server information. While these headers don’t do anything to help protect against attacks, they can be used by attackers to enumerate the underlying technologies behind the application during the early enumeration phase of an attack. If you’d like to learn more about […]

What are Web Application HTTP Security Headers? When do you use them?

This post intends to serve as a guide for some of the most common HTTP Headers web applications use to prevent exploitation of potential vulnerabilities. Within this article, you will discover the name of the various headers, along with their use case and various configuration options. If you’d like to learn more about which headers […]

My Top 3 OSCP Resources (Ippsec, TheCyberMentor, & 0xdf)

I have seen many people ask the community for help regarding good resources and figured I should create this post to share my two cents on the topic. I started this journey about 6-8 months ago and have soaked in a ton of content during that time.  TheCyberMentor Use this when first starting out! He […]

Patching CVE-2020-0601 | Windows CryptoAPI Spoofing Vulnerability

As I’m sure you’ve heard, there were a handful of critical vulnerabilities announced in this week’s Patch Tuesday. Included in the list of vulnerabilities is a flaw within CryptoAPI that would allow an attacker to digitally sign malicious software updates as the legitimate creator of the software. While Microsoft lists this vulnerability with a severity […]

Top Ways Penetration Testers Get Domain Admin

Very brief post, but will be expanded on with additional details as time allows. Breached Credentials Credential Stuffing & Password Spraying LLMNR & NBT Poisioning Relay Attacks Null Sessions on Domain Controller(s) Token Impersonation on Low Priv Boxes MiTM6 to Exploit IPv6 Kerberoasting MS17-010 and Poor Patch Management SYSVOL Credentials and GPP Lack of Segmentation […]

How To Activate Windows 7 Extended Security Updates (ESU)

This post intends to serve as a guide on activating a purchase ESU license key on a Windows 7 box. I’m making the assumption that you have already gone through the procedure to purchase the Windows 7 ESU key and have access to it. READ MORE…



Stay Involved

Get new content delivered directly to your inbox.