Juniper Two Factor VPN & Linux
David Fletcher // On a recent internal penetration test engagement, I was faced with using a Juniper VPN to access the target network. One small problem, Juniper does not formally […]
Lawrence’s List 062416
This week is going to be sort of short. I get to go on vacation! I’ll still be trying to do some minimal posts during the next two weeks, but […]
SSH Config Files
Ethan Robish // Here’s a short intro for anyone not familiar with ssh config files, which are usually located at ~/.ssh/config As an example, you have ssh running on port […]
Book Review: “Red Team – How to Succeed by Thinking Like the Enemy”
Brian B. King // Red Teaming is one of those terms popping up all over the place lately, and it seems to mean different things to different people. Is it […]
Lawrence’s List 061716
Lawrence Hoffman // Certain Intel chips come with what’s called a “Management Engine” or ME. This is an actual physical subsystem which implements Intel’s Active Management Technology (AMT.) Why is […]
Bitlocker Ransomware: Using BitLocker for Nefarious Reasons
Editor’s Note: We’re excited to publish our first guest post! If you’d like to guest post on our blog DM us on Twitter, or use our contact form to contact us […]
Wide-Spread Local Admin Testing
Brian Fehrman // In our experience, we see many Windows environments in which the local Administrator password is the same for many machines. We refer to this as Wide-Spread Local […]
Lawrence’s List 061016
Lawrence Hoffman // It’s been one of those crazy busy weeks. I always feel like I didn’t get enough time to read articles, surf Reddit, and attempt to keep up […]
Are you Snoopable?!
Rick Wisser // All right, you’ve taken all the precautions related to your network. You have lockout controls in place, you use awesome password policies (20 characters with uppercase, lowercase, […]