Dynamic Device Code Phishing
rvrsh3ll // Introduction This blog post is intended to give a light overview of device codes, access tokens, and refresh tokens. Here, I focus on the technical how-to for standing […]
rvrsh3ll // Introduction This blog post is intended to give a light overview of device codes, access tokens, and refresh tokens. Here, I focus on the technical how-to for standing […]
Joseph Kingstone // Are you assigned a physical penetration test and want to fly under the radar and meet all of your objectives like the elite hacker you are? Stick around […]
Derek Banks // Living Off the Land Binaries, Scripts, and Libraries, known as LOLBins or LOLBAS, are legitimate components of an operating system that threat actors can use to achieve […]
Corey Ham // Tl;dr Use a password manager instead of browser storage for passwords, credit card numbers, and other autofill items. Personal security: Do not save anything sensitive in […]
Isaac Burton // For as long as we have known about prototype pollution vulnerabilities, there has been confusion on what they are and how they can be exploited. We’re going […]
Joseph Kingstone // Looking to get into physical security? Not sure what you need to get started? Look no further. What are Physical Security Assessments? Physical security assessments evaluate an […]
Alyssa Snow // During an external or internal network penetration test, it can be challenging to comb through each web server in scope to find the juicy stuff. During a […]
Dale Hobbs // As the world becomes increasingly connected through the internet, cyber attacks have become more sophisticated and prevalent. One type of attack that you may not have heard […]