General Blog

Here, you’ll find a mix of content beneficial to Sysadmins, my personal thoughts, and/or general Infotech topics.

Recent Posts

Open Source Intelligence (OSINT) Sites

Threrat Intelligence Platforms (T.I.P.) All threat of these platforms are free, but not all of the functions are available for the free versions. They are still great to be able to look up IOCs (indicators of compromise) on threat actors. All of these platforms you will have to register for, but are worth it. ThreatConnect […]

Practical Network Penetration Tester (PNPT) Exam Review – TCM Security

In early July of 2021, I decided to take on TCM Security’s new PNPT certification and passed it on my first attempt! This post intends to serve as a review of my experience, as well as help answer some of the common questions that I’ve seen online regarding the exam. What is the PNPT? The […]

Your Microsoft Teams chats aren’t as private as you think..

Encrypt and Anonymize Your Internet Connection for as Little as $3/mo with PIA VPN. Learn More Microsoft Teams is a proprietary business communication platform developed by Microsoft, as part of the Microsoft 365 family of products. Teams primarily competes with the similar service Slack, offering workspace chat and videoconferencing, file storage, and application integration, and is used […]

Disabling LLMNR and NBT-NS in Your Network

I’ve made a handful of articles on attacking LLMNR within Active Directory environments, but I’ve never made anything that helps IT Admins mitigate this vulnerability. This post intends to serve as a guide for patching this vulnerability that is enabled by default in Windows. Keep in mind that we need to not only disable LLMR, […]

How self-signed certificates invite man in the middle attacks.

Introduction The purpose of digital certificates What is a self-signed certificate? What’s the impact? Where do we go from here? Conclusion Ever since communication was invented, the need for encryption has been apparent and the solution has been sought after by all. This led many mathematicians down a path to create scalable, efficient solutions that […]

Installing Covenant C2 on Windows

Covenant C2 is described by its authors as “A . NET command and control framework that aims to highlight the attack surface of . NET, make the use of offensive . NET tradecraft easier, and serve as a collaborative command and control platform for red teamers.” This post is meant to supplement a video that […]

Importing Email Addresses & Domains to Blacklist in Office 365 Using PowerShell

Preparing the List I recently had to migrate away from our third-party spam filter. I was able to get them to send us a CSV file that contains a list of all our blocked domains/email addresses, but that list was not very clean. For example, it looked like this with a mix of domains and […]

Symmetric Encryption vs Asymmetric Encryption

Symmetric Encryption A single, shared key is used to both encrypt and decrypt the data. You’ll want to handle this key with caution and only share it to those that need access to that data. Pros: Works great if we only need to secure data for a single machine or a single user. Very fast […]

Let’s Talk Basics About Cross Site Request Forgery (CSRF)

It became apparent to me that my understanding of CSRF was lacking, or uh, basically non-existent. This post aims to fix that! Come learn about it along with me. Note: This particular post is NOT a hacking tutorial on abusing CSRF, though I’m sure I will post one in the near future (make sure to […]

Have a WebApp? Here Are Three HTTP Headers Leaking Your Server Information

This post intends to discuss the three most common HTTP headers that leak server information. While these headers don’t do anything to help protect against attacks, they can be used by attackers to enumerate the underlying technologies behind the application during the early enumeration phase of an attack. If you’d like to learn more about […]

What are Web Application HTTP Security Headers? When do you use them?

This post intends to serve as a guide for some of the most common HTTP Headers web applications use to prevent exploitation of potential vulnerabilities. Within this article, you will discover the name of the various headers, along with their use case and various configuration options. If you’d like to learn more about which headers […]

My Top 3 OSCP Resources (Ippsec, TheCyberMentor, & 0xdf)

I have seen many people ask the community for help regarding good resources and figured I should create this post to share my two cents on the topic. I started this journey about 6-8 months ago and have soaked in a ton of content during that time.  TheCyberMentor Use this when first starting out! He […]

Patching CVE-2020-0601 | Windows CryptoAPI Spoofing Vulnerability

As I’m sure you’ve heard, there were a handful of critical vulnerabilities announced in this week’s Patch Tuesday. Included in the list of vulnerabilities is a flaw within CryptoAPI that would allow an attacker to digitally sign malicious software updates as the legitimate creator of the software. While Microsoft lists this vulnerability with a severity […]

Top Ways Penetration Testers Get Domain Admin

Very brief post, but will be expanded on with additional details as time allows. Breached Credentials Credential Stuffing & Password Spraying LLMNR & NBT Poisioning Relay Attacks Null Sessions on Domain Controller(s) Token Impersonation on Low Priv Boxes MiTM6 to Exploit IPv6 Kerberoasting MS17-010 and Poor Patch Management SYSVOL Credentials and GPP Lack of Segmentation […]

How To Activate Windows 7 Extended Security Updates (ESU)

This post intends to serve as a guide on activating a purchase ESU license key on a Windows 7 box. I’m making the assumption that you have already gone through the procedure to purchase the Windows 7 ESU key and have access to it. READ MORE…

Stay Involved

Get new content delivered directly to your inbox.