04 May 2020
Quick Guide to Security Headers - Part One
A month ago, we finished a series of six web application assessments for local and regional banks. In addition to common web vulnerabilities, like SQLi, we
Continue Reading
27 April 2020
Remotely Host MSBuild Payloads
tl;dr Separate your C# payload from a MSBuild XML file and host it remotely on a WebDav server. Red teams and attackers frequently repurpose MSBuild,
Continue Reading
20 April 2020
EyeWitness - Potential Modifications
This is the second post in relation to the new .Net implementation of EyeWitness and it will cover a few things that you should possibly do
Continue Reading
14 April 2020
Ngrok for Local Infrastructure
IntroductionHello, meet ngrok (https://ngrok.com/), an easy way to tunnel traffic from a local machine (i.e. VM) to an external address. With ngrok, you
Continue Reading
06 April 2020
MiddleOut: a C# Compression Tool
MiddleOut (a salute to Silicon Valley) is a tool written in C# that compresses any number of files passed to it. I wanted to learn .Net
Continue Reading