This week I’d like to share some basic image steganography techniques that I used during the Amazon MicroCTF 2017.
Bash Bunny QuickCreds – Grab Creds from Locked Machines
I figured that the Bash Bunny QuickCreds module would be a great way to test out my new toy.
Filed under Security Not Included
BSides MCR 2017 was an UnBEElievable Time
I got to attend BSides MCR for the first time this year, and it was well worth it.
Filed under Security Not Included
CertReq Exfiltration – Getting Data via Native Tools & CSRs!
Now, finally sharing something new again, I present CertReq exfiltration!
Filed under Security Not Included
Hashcat WPA2 Cracking – Beach Edition
As a perfect follow-up to our Wireless CTF win, I present some hashcat WPA2 cracking.
Filed under Security Not Included
DEF CON 25 and BSidesLV 2017 – Hacker Summer Camp
Another year in Vegas, and DEF CON 25 is in the books.
Filed under Security Not Included
Writing an Alexa Port Scanner for Couch Hacking
As I got one for Prime Day, I figured that I would write an Alexa Port Scanner.
Filed under Security Not Included
Brainpan 2 – Trolling, Headaches, and a fun Challenge!
Finally back to VulnHub, and next up is my Brainpan 2 walkthrough.
Filed under Security Not Included
MITM XSS Protection – Still Popping Alerts
I recently had to demonstrate the dangers of loading external resources over HTTP as well as security libraries running on the client side. In this case, I went with an attack to MITM XSS protection, and this was the result.
Filed under Security Not Included
XSS Password Stealing – Who needs cookies?!
Most people are already aware of using XSS to pop alerts or steal cookies. Today I’d like to show XSS password stealing.
Filed under Security Not Included