John’s Talk from DerbyCon 2016
John Strand //
John Strand //
Beau Bullock // TL;DR MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It […]
Jordan Drysdale // This article, like the IADGov link here has three major steps. First, acquire a Raspberry Pi and a VPS running CentOS 6.8. Second, configure the server and Raspberry […]
John Strand // Lets take a look at how to use HoneyPorts on the new Active Defense Harbinger Distribution. For those of you who do not know, this is a […]
Ethan Robish // Let’s Encrypt is a free service that allows you to obtain a free (as in beer) SSL/TLS domain validation certificate to use as you wish. Here is what […]
Brian Fehrman (With shout outs to: Kelsey Bellew, Beau Bullock) // In a previous blog post, we talked about bypassing AV and Application Whitelisting by using a method developed by Casey Smith. In […]
Jordan Drysdale // As I wander through life, in what now seems like a world gone entirely mad, disconnecting from digital is my newest hobby. Information overload constantly smashes us […]
In this webcast we walked through the current super cool crop of MITM tools. We looked at Bettercap, MITMf and discussed LLMNR and WPAD poisoning attacks. Also, this was a new […]
Joff Thyer // One of my observations over time in the Information Security market is that the vendors seem to want to solve challenges with appliance point solutions. It is […]