I attended NorthSec in Montreal last week and weekend and had an awesome time.
Category Archives: Security Not Included
IKE Aggressive Mode VPN – ike-scan + ikeforce
As I've seen it on more than a few engagements, I wanted to show attacking IKE aggressive mode VPNs.
Filed under Security Not Included
XSS Without Spaces – Finally, an Easier Filter
Back to some web applications, I wanted to share an example of XSS without spaces.
Filed under Security Not Included
Intigriti XSS Challenge – Fun with DOM XSS
I just finished the Intigriti XSS challenge, and I wanted to share my write-up for it.
Filed under Security Not Included
Setting up a DigitalOcean VPN with strongSwan
In keeping with the VPN theme, here's a quick guide on setting up a DigitalOcean VPN with strongSwan.
Filed under Security Not Included
VulnReport Docker Container – DIY Pentest Reporting
I (not so) recently setup a VulnReport Docker container in my lab, and I wanted to share the process.
Filed under Security Not Included
Iodine DNS Tunneling – Not Just for Exfiltration!
Continuing with my theme of VPNs, I thought I'd share some Iodine DNS tunneling this week.
Filed under Security Not Included
OpenPYN NordVPN – Always on Linux VPN
I recently setup OpenPYN NordVPN in my homelab, and I wanted to share how simple it is.
Filed under Security Not Included
Vulnserver LTER EIP Overwrite – A Little Easier This Time
While a simpler exploit, I wanted to share my LTER EIP overwrite as well.
Filed under Security Not Included
Vulnserver LTER SEH Continued (Part 2)
This post will conclude my Vulnserver LTER SEH exploit.
Filed under Security Not Included