3 votes and 1 comment so far on Reddit

This meaty post covers the CoreDNS + Gravwell integration for DNS security auditing. Walk through using DNS threat lists to identify malicious activity and create an orchestration noscript to automatically perform the first few threat hunting steps. Gravwell…

31 votes and 1 comment so far on Reddit

Hi Guys,

TL;DR Summary Developed a malware sample that leverages Twitter direct messaging as a channel for command and control. Background Web Service Command and Control Have recently been structuring a lot of my penetration testing efforts around the MITRE ATT&CK…

Team Page

TL;DR An Office XML (.xml) document can call a remote XSL stylesheet over SMB.  If this occurs against an attacker controlled server, the net-NTLM authentication hash (challenge/response) of that u…

Contribute to Bashark development by creating an account on GitHub.

At work, most of our virtual machines run Linux. Being able to SSH into our servers in order to develop, automate, or troubleshoot…

Contribute to PASM development by creating an account on GitHub.

Bug bounties and dependencies

The Linux kernel, versions 4.9+, is vulnerable to denial of service conditions with low rates of specially modified packets.

UBoat - HTTP Botnet Project

In my epic series on Windows binaries that have dual uses– talkin’ to you rundll32 and mshta — I showed how hackers can stealthy download and launch remote noscript-based malware. I also mentioned that pen testers have been actively exploring the living-off…

In this short blog, I will walk you through the process of obtaining a valid PMKID packet, and converting those frames of data to hashcat…

Crestron produces touchscreen devices, such as the TSW-XX60 series, which can be used to schedule meeting rooms in corporate offices.