January 25, 2017

Escape and Evasion Egressing Restricted Networks

A command kill chain consists of payload delivery, code execution on a target system, and establishing a command and control (C2) channel outside of a...

February 13, 2013

Blacksheepwall: Hostname discovery with node

Hostname discovery is a critical step in the execution of a complete penetration test. You can’t attack what you can’t see. Many times you can’t view ...

April 24, 2012

Port Scanning Through Tarpits

During service discovery, I occasionally run into hosts that will report every single port as open. Obviously this is because something in front or on...

February 06, 2012

Winning With VBA Macros

As pen-testers, it is often that we come across obstacles; the technical adversaries that keep us from getting our prize in the cracker jack box. This...

November 18, 2011

Getting Tricky with Windows File Transfers

During a penetration test, I often run into situations where I need to transfer a file from my attacking machine to a Windows system. The most common ...
