Carrie Roberts // PowerShell’s Constrained Language (CLM) mode limits the functionality available to users to reduce the attack surface. It is meant to be used in conjunction with application control […]
Kyle Avery // Introduction This post compliments a presentation I gave at DEF CON 30 – “Avoiding Memory Scanners: Customizing Malware to Evade YARA, PE-sieve, and More,” which included the […]
Ray Felch // Recently, it was suggested that it would be cool to create a hardware badge for one of the upcoming InfoSec conferences. Admittedly, I have a pretty solid […]
moth // I’ve been diving deep into Linux lately, with my latest kick being exploring the Linux kernel. I’ve found “The Linux Programming Interface” (TLPI) by Michael Kerrisk, among others, […]
Tim Fowler // Do you know what could be lurking in your Windows event logs? In May of 2022, I was sent a Threat Post article about a new technique […]
Jordan Drysdale // Overview The following description of some of Impacket’s tools and techniques is a tribute to the authors, SecureAuthCorp, and the open-source effort to maintain and extend the code. […]
Sean Verity // GraphQL is one of those technologies that I heard about several years ago but had not encountered during an actual pentest. After reading a blog or two, […]
Melissa Bruno // One of the best early steps to take when testing a network, especially a large one, is to run the tool EyeWitness to gain a quick understanding […]
Hannah Cartier // Social engineering, especially phishing, is becoming increasingly prevalent in red team engagements as well as real-world attacks. As security awareness improves and systems become more locked down, […]
