CarolinaCon 14 – Shall we Play a Game?

Another weekend is over, and CarolinaCon 14 is in the books.

Continue reading

Leave a Comment

Filed under Security Not Included

Subdomain Hijacking in the EverSec CTF (BSides Raleigh ’17)

Just in time for CarolinaCon, here is my subdomain hijacking write-up for the EverSec CTF at BSides Raleigh 2017.

Continue reading

1 Comment

Filed under Security Not Included

Guacamole Installation in my Homelab

I finally finished my Guacamole installation for my homelab, and I wanted to share how it went.

Continue reading

Leave a Comment

Filed under Security Not Included

GXPN Review – SANS660 (Advanced Penetration Testing, Exploit Writing, and Ethical Hacking)

Although I passed it last month, I’m just now getting to my GXPN review after a long on-site engagement!

Continue reading

2 Comments

Filed under Security Not Included

sshuttle – Poor Man’s VPN via SSH (Great for Pivoting!)

I’ve recently been using sshuttle again, and I wanted to share how easy it is.

Continue reading

Leave a Comment

Filed under Security Not Included

pfSense DNSBL Whitelisting to Unblock Specific Sites

While I was away, someone asked me about pfSense DNSBL whitelisting, so I wanted to share a tutorial for it.

Continue reading

Leave a Comment

Filed under Security Not Included

XSS Attack Chain – Reflected XSS -> CSRF -> Stored XSS

I used a great XSS attack chain in an engagement recently, and I wanted to share it.

Continue reading

Leave a Comment

Filed under Security Not Included

Nmap Alarm – For When the Target Won’t Stay Online

While not the most useful tool, I wanted to share the Nmap alarm that I used on a recent engagement.

Continue reading

Leave a Comment

Filed under Security Not Included

IpExpander v1.0 – Using Python netaddr to Expand IP Ranges

I know that I haven’t released anything in a while, but I’d like to introduce IpExpander v1.0.

Continue reading

Leave a Comment

Filed under Security Not Included

Running an EyeWitness Docker Container (Great for macOS!)

During an engagement recently, I wanted to get an EyeWitness Docker container setup and working.

Continue reading

Leave a Comment

Filed under Security Not Included