Skip to main content

August 02, 2013

Intercepting Credentials from HP Officejet Multifunction Printers

On a recent engagement, I encountered a multifunction printer/scanner/copier, an HP Officejet Pro, without password protection. It was possible to gai...

See Details

June 10, 2013

Jboss crucial Methods for Application Security

While performing a penetration test, it’s quite common to encounter JBoss and Tomcat application servers. These servers are generally attractive targe...

See Details

October 04, 2012

Post Exploitation Using NetNTLM Downgrade Attacks

I love to pass the hash and steal tokens as much as the next pentester, but sometimes it’s nice to have the actual password for a user. Here are some ...

See Details