Metasploit
DEF CON 29 Aerospace Village – Pearce Barry’s ‘Collecting CANs: A Bridge Less Travelled’
Our thanks to DEFCON for publishing their outstanding DEFCON 29 Aerospace Village videos on the organizations’ YouTube channel. Permalink ...
Thinking of a Cybersecurity Career? Read This
Thousand of people graduate from colleges and universities each year with cybersecurity or computer science degrees only to find employers are less than thrilled about their hands-on, foundational skills. Here's a look ...
Book Review – Linux Basics for Hackers
With countless job openings and growth with no end in sight, InfoSec is the place to be. Many pose the question, “Where do I start?” Over his years of training hackers and ...
Data Exfiltration with XSS
We had an XSS vulnerability, we created a fake login page, we stole the WordPress admin’s credentials, now what? Over the following pages, I am going to walk you through the complete data exfiltration process ...
Splunk: With Great Power Comes Great Responsibility
Splunk backgroundSplunk is a fantastically powerful solution to "search, monitor and analyse machine-generated data by applications, systems and IT infrastructure" and it's no surprise that many businesses are turning to it in ...
Abusing Splunk Functionality with Metasploit
In our post Splunk: With Great Power comes Great Responsibility we outlined how the sheer power and flexibility of Splunk can be abused to gain complete control of the server upon which Splunk ...
ssh-agent: Abusing the trust – Part 2
In part 1 of this blog post I discussed common issues with using ssh-agent forwarding in an untrusted environment. Despite the risks it remains prevalent and ripe for some exploitation.There are tools ...
Scottish Ruby Conference & Breaking things with Ruby
Just had the first day of the Scottish Ruby Conference. The venue was awesome, there'll doubtless be lots of good pictures up on places like flickr in due course, but here's a ...
