Simple PHP webshell with php filter chains
Recently found an LFI in a PHP application and one of the cool things I learned about recently was PHP filter chains. More info here: https://www.synacktiv.com/en/publications/php-filters-chain-what-is-it-and-how-to-use-it.html However, if you are using this ...
Beautiful Basics: Lesson 4
Lessons Learned Slides Lesson 1 Lesson 2 Lesson 3 Lesson 4 Lesson 5 Lesson 6 Lesson 7 Lesson 8 Lesson 9 Lesson 10 Lesson 11 Lesson 4 - User Blaming Security is ...
Beautiful Basics: Lesson 3
Lesson 3 - Detection Reality People and ...
Blocking ISO mounting
Recently I’ve been hearing about malware mounting ISOs as a method of bypassing AV and EDR. For example this article from Bleeping Computer - “Uptick Seen in ISO Email Attachments Delivering Malware” ...
LDAPSearch Reference
ldapsearch is an extremely powerful tool, especially for Windows Active Directory enumeration. It’s one of my primary tools when performing pentesting or red teaming against an environment with Active Directory, but also ...
Beautiful Basics: Lesson 2
Lesson 2 - Least Privilege No one ...
Beautiful Basics: Lesson 1
Lesson 1 - YOU could be “Legacy” ...
Beautiful Basics – Series
Today I keynoted @BSidesVancouver. It was an honor to be asked and I had a great time. Conference Link: https://hopin.com/events/bsides-vancouver-2022/ I talked about 11 lessons learned over my career that contradict some ...
User Empowerment: Password Security
World Password Day (who knew that was a thing?) is upon us. It is the first Thursday of May every year, and that falls on May 6th this year. I’m not sure ...
SolarFlare Release: Password Dumper for SolarWinds Orion
TL;DR Here are the concerns I have regarding the SolarWinds/FireEye breach: The accounts stored in an organization’s SolarWinds Orion may be underestimated. I recently did a pentest for a firm that had ...