passkwall.net
  • Visualizing Network Scans and Identifying Relationships with Neo4j

    March 11, 2022

    passkwall

    Networks can be gigantic, period. Scanning from different network vantage points can also be challenging. The more and more I started getting into the weeds of a network using Masscan and Nmap, the harder it was for me to make visual sense of its topology. Sure, I could use spreadsheets…

  • A week without “why” and how it changed my thinking

    March 11, 2022

    passkwall

    Truth be told, and if I’m being a bit candid, I really dislike the word “why”. Now, if you find yourself asking inside your head, “but why?” then this article might be for you. Some of the explanations in this article might be overly simplified, but I still encourage the…

  • How to set up (and secure) a Samba media server for Chromecast usage (in 20 minutes or less!)

    March 11, 2022

    passkwall

    Over the last few months, my primary focus has been hacking. As an attacker, seeing file-sharing systems like Samba, FTP, and NFS gets me excited to find loot! However, in my downtime, I love to partake in movie watching from my ever-growing DVD collection. The problem is that I love…

  • Mindset for hacking GraphQL Applications

    November 23, 2021

    passkwall

    I’ve tried to summarize a lot of information from HackTricks, YouTube, HTB write-ups, disclosed vulnerabilities, and the GraphQL documentation to come up with succinct notes on GraphQL. This way you don’t need to be an expert to focus on what’s important. I’m not claiming to be an expert on GraphQL,…

  • Shell Games — A closer look at the behavior of different msfvenom shells with strace

    October 13, 2021

    passkwall

    During a recent engagement I had the chance to test various payloads against a few different endpoint detection tools. Think of anti-virus, but with remote administration and enterprise support. The technologies are amazing; however, when testing different kinds of reverse shells, some payloads could be used to easily evade the…

  • Leveraging Postman Collections for Offensive Webapp Testing

    August 12, 2021

    passkwall

    I was recently in an engagement with a web application that was interconnected with about half a dozen services while offering up a few dozen API routes that had to be tested within three days. As I stared at the flow chart provided and tried to gather an understanding of…

  • How to configure Android Studio with BurpSuite

    July 11, 2021

    passkwall

    Let’s say you’ve been assigned some mobile work. You’re a pentester, mobile developer, or just a tinkerer who needs to be able to see traffic flowing to and from your Android device. Chances are you’re going to want to use BurpSuite to help make your life a little bit easier.…

  • Timing-Based Username Enumeration: What’s a fix versus mitigation?

    July 7, 2021

    passkwall

    For web-based applications, Timing-based Username Enumeration is a great find. For testers it’s low-hanging fruit and a great way to enumerate valid accounts for password attacks or social engineering. For engineers, fixing can be a pain in the rear end. Recently, I had an interesting debate with a coworker after…

Popular Posts

  • Deception Technology 101 – from a Deception Engineer

    March 14, 2025
  • Finding security bugs across a codebase for beginners

    January 26, 2023
  • How I transitioned into security, and what I would do differently (2022 edition)

    October 13, 2022
Copyright © 2025