Let’s Get Physical* Part 1; Defeating Wetware Access Controls
Sally Vandeven // I found myself with a little extra time one day (and I didn’t tell my project manager) so I thought it would be a great time to […]
Honeyports & ADHD!!!
John Strand // Lets take a look at how to use HoneyPorts on the new Active Defense Harbinger Distribution. For those of you who do not know, this is a […]
How Does Let’s Encrypt Gain Your Browser’s Trust?
Ethan Robish // Let’s Encrypt is a free service that allows you to obtain a free (as in beer) SSL/TLS domain validation certificate to use as you wish. Here is what […]
Lawrence’s List 090216
Lawrence Hoffmann // Election fraud is something I’ve mentioned here recently. The reality we must face here is that any time a digital system is used for voting there is […]
Powershell Without Powershell – How To Bypass Application Whitelisting, Environment Restrictions & AV
Brian Fehrman (With shout outs to: Kelsey Bellew, Beau Bullock) // In a previous blog post, we talked about bypassing AV and Application Whitelisting by using a method developed by Casey Smith. In […]
Reminders – Simple Security and Finding Sanity In the Digital Age
Jordan Drysdale // As I wander through life, in what now seems like a world gone entirely mad, disconnecting from digital is my newest hobby. Information overload constantly smashes us […]
Google Docs becomes Google SOCKS: C2 Over Google Drive
Luke Baggett // If you’re monitoring a network with internet access, it’s almost inevitable that you’re going to see a lot of traffic to and from Google servers. Blending in […]
Lawrence’s List 081916
Lawrence Hoffman // So Microsoft is open sourcing PowerShell and putting it on Linux. Realistically Linux already has a full suite of administrative tools and some very powerful scripting languages […]
It’s Always Nice to Have Cron-ies!
Rick Wisser // I have been asked by some friends, (not very Linux proficient friends) to share this. I thought I would create a blog post and share with all. […]