Here, you’ll find a mix of content beneficial to Sysadmins, my personal thoughts, and/or general Infotech topics.
I’ve made a handful of articles on attacking LLMNR within Active Directory environments, but I’ve never made anything that helps IT Admins mitigate this vulnerability. This post intends to serve as a guide for patching this vulnerability that is enabled by default in Windows. Keep in mind that we need to not only disable LLMR, […]
Last week, I shared a story about how we took down a network using a sticky note. You can read more about that over at Social Engineering Stories #1 | Advanced Email Protections Prevent Social Engineering! Or Does It? This week, I want to share a little story about persistence. “It’s not that I’m so […]
Companies will spend thousands of dollars on advanced email security products. Security engineers and IT admins may spend countless hours configuring spam filtering policies, tuning their whitelisting/blacklisting controls, and may even go through advanced training to learn the ins and outs of premium services that guarantee to block every malicious email from the beginning of […]
Covenant C2 is described by its authors as “A . NET command and control framework that aims to highlight the attack surface of . NET, make the use of offensive . NET tradecraft easier, and serve as a collaborative command and control platform for red teamers.” This post is meant to supplement a video that […]
Preparing the List I recently had to migrate away from our third-party spam filter. I was able to get them to send us a CSV file that contains a list of all our blocked domains/email addresses, but that list was not very clean. For example, it looked like this with a mix of domains and […]
Symmetric Encryption A single, shared key is used to both encrypt and decrypt the data. You’ll want to handle this key with caution and only share it to those that need access to that data. Pros: Works great if we only need to secure data for a single machine or a single user. Very fast […]
It became apparent to me that my understanding of CSRF was lacking, or uh, basically non-existent. This post aims to fix that! Come learn about it along with me. Note: This particular post is NOT a hacking tutorial on abusing CSRF, though I’m sure I will post one in the near future (make sure to […]
This post intends to discuss the three most common HTTP headers that leak server information. While these headers don’t do anything to help protect against attacks, they can be used by attackers to enumerate the underlying technologies behind the application during the early enumeration phase of an attack. If you’d like to learn more about […]
This post intends to serve as a guide for some of the most common HTTP Headers web applications use to prevent exploitation of potential vulnerabilities. Within this article, you will discover the name of the various headers, along with their use case and various configuration options. If you’d like to learn more about which headers […]
I have seen many people ask the community for help regarding good resources and figured I should create this post to share my two cents on the topic. I started this journey about 6-8 months ago and have soaked in a ton of content during that time. TheCyberMentor Use this when first starting out! He […]
As I’m sure you’ve heard, there were a handful of critical vulnerabilities announced in this week’s Patch Tuesday. Included in the list of vulnerabilities is a flaw within CryptoAPI that would allow an attacker to digitally sign malicious software updates as the legitimate creator of the software. While Microsoft lists this vulnerability with a severity […]
Very brief post, but will be expanded on with additional details as time allows. Breached Credentials Credential Stuffing & Password Spraying LLMNR & NBT Poisioning Relay Attacks Null Sessions on Domain Controller(s) Token Impersonation on Low Priv Boxes MiTM6 to Exploit IPv6 Kerberoasting MS17-010 and Poor Patch Management SYSVOL Credentials and GPP Lack of Segmentation […]
This post intends to serve as a guide on activating a purchase ESU license key on a Windows 7 box. I’m making the assumption that you have already gone through the procedure to purchase the Windows 7 ESU key and have access to it. READ MORE…
Get new content delivered directly to your inbox.