Blog
A home for my posts about infosec.
2022
Plugins for Persistence
Using code editor plugins for persistence.
2021
Auto(It)mating your .NET Tradecraft
AutoIt, .NET and Windows protection bypasses.
Pillaging Password Managers with UI automation
Using UI automation & keystrokes to extract credentials from password manager vaults.
Operating with AutoIt
AutoIt for offsec assessments.
2020
Retrieving Data from Thunderbird and Firefox
Extracting sensitive information from Mozilla apps.
2018
A Data Hunting Overview
A guide to data hunting during engagements.
Attack Infrastructure Logging - Part 4 - Log Event Alerting
Slack alerting in Graylog2.
Attack Infrastructure Logging - Part 3 - Graylog Dashboard
Setting up a Graylog2 dashboard.
Attack Infrastructure Logging - Part 2 - Log Aggregation
Configuring log aggregation in Graylog2.
2017
Securing your Empire C2 with Apache mod_rewrite
HTTP C2 redirection with Empire and mod_rewrite.
Abusing SolarWinds Network Performance Monitor for Post-Exploitation
Windows post-exploitation with SolarWinds NPM.
AIX for Penetration Testers
AIX enumeration guide for penetration testers.
2016
DNSnitch - Reverse NS Lookups & Zone Transfers
Reverse NS Lookups & Zone Transfers.
WiFi Social Engineering
Messing around with Wifiphisher.