During penetration tests or Red Team engagements often I will come across an orphaned .ost (Offline Outlook Data File) sitting on a network share,...
I've been using fireprox to defeat rate limiting with great success. This tool sets up a pass-through-proxy in AWS API Gateway which is mapped to a...
In this blog post, I'll share two low-tech methods I've used for defeating antivirus, EDR, MDR, XDR and whatever else the kids on my lawn are calling...
After breaching a network perimeter, I often end up with access to a domain-joined remote virtual desktop that is quite locked down. VMware Horizon,...
In my quest to expand my knowledge of HTTP smuggling attacks, I recently stumbled on a hackerone report from @niubl who disclosed a security flaw in...
I'm going to try Hashnode for a bit and see if I like it better than Blogger. I really hate to migrate, but Google seems to have sort of orphaned...
