The Secret Cipher: Modern Data Loss Prevention Solutions
April 15, 2024 | David Broggy
This is Part 7 in my ongoing project to cover 30 cybersecurity topics in 30 ...
Remote Desktop Event Log Analysis: Variations In Logging For Event ID 1029
January 22, 2024 | Sergey Gorbov
This blog covers Stroz Friedberg’s novel research and analysis of Remote ...
Restricted Admin Mode – Circumventing MFA On RDP Logons
November 15, 2023 | Apurva Goenka
This blog post demonstrates the use of Restricted Admin mode to circumvent MFA ...
New Burp Suite Extension: BlazorTrafficProcessor
July 20, 2023 | Will Rabb
Pentesting web applications that use Blazor server comes with unique ...
Amazon Web Services: Exploring the Cost of Exfil
October 06, 2022 | Andre Maccarone and John Ailes
Using a free and easily accessible tool for Amazon Web Services ("AWS"), ...
Trustwave's Action Response: Multiple Log4j Zero-Day Vulnerabilities
December 10, 2021 | SpiderLabs Researcher
Updates: Dec. 29: Updated to cover three additional CVEs: CVE-2021-4104, ...
Introducing D-Modem: A software SIP modem
October 29, 2021 | Dan Bastone
Connect to dialup modems over VoIP using SIP, no modem hardware required.
Missing Critical Vulnerabilities Through Narrow Scoping
September 16, 2021 | John Anderson
The typical process when scoping a penetration test is to get a list of targets ...
Cobalt Strike Configuration Extractor and Parser
August 27, 2021 | Noah Rubin
Cobalt Strike Beacons continue to be the norm for persistence, lateral ...
Cyber Secure Select: Protecting High-Net-Worth Individuals
June 28, 2021 | Faisal Tameesh
A behind the scenes look at an Executive Vulnerability Assessment.
Office 365 Best Practices: 7 Steps to Mitigating Business Email Compromise
February 24, 2021 | Carly Battaile
Microsoft’s Office 365 is an increasingly popular email solution for ...
Finding More IDORs – Tips and Tricks
February 12, 2021 | Max Corbridge
A collection of useful tips, tricks, and techniques for discovering IDORs.
Still Scanning IP Addresses You’re Doing it Wrong
July 02, 2020 | John Anderson
The traditional approach to a vulnerability scan or penetration test is to find ...
Exploring Solidity’s Model Checker
May 13, 2020 | Eric Rafaloff
This blog post aims to be an exploration of how Solidity’s model checker works, ...
Burp Suite Team Collaborator Plugin
October 22, 2019 | Tanner Barnes
Share web traffic, findings, and specific requests in real time with two or ...
Introducing Windows Exploit Suggester
July 11, 2014 | Sam Bertram
A tool to detect potential missing patches on Windows hosts and obtain a list ...
HTTP NTLM Information Disclosure
February 12, 2014 | Justin Cacak
Nmap script that anonymously enumerates remote NetBIOS, DNS, and OS details ...
Wardrive, Raspberry Pi Style!
December 31, 2012 | Videoman
I purchased a Raspberry Pi a few weeks back. I found that I could power it, ...
Automated Padding Oracle Attacks With PadBuster
September 14, 2010 | Brian Holyfield
An automated script for performing Padding Oracle attacks.
Paper on passive information gathering
February 11, 2004
TechicalInfo.Net is an excellent resource for Web Security information. Gunter ...