We are releasing the SecSmash tool we announced at BSIDES LV. SecSmash is a framework that allows you to turn centralized management,
Password cracking is a crucial part of a pentest. It can either lead you to the promised land, or stop you dead in your tracks.
When I came across the tool BloodHound, it quickly became one of the go-to tools in my arsenal.
As pentesters, our job is to demonstrate the risk of unpatched vulnerabilities to the business.
Responder is a go-to tool for most pentesters. We use it quite often on pentests to quickly gain access to a client’s domain.
This post will show how to crack NTLMv1 handshakes with the crack.
During a recent Red-Team engagement, we discovered a series of information disclosures on a site allowing our team to go from zero access to full compromise in a matter of hours.
Recently on a pentest, we encountered a web application that allowed us to control command line args sent to the ‘java’ binary on the underlying server.
USB dropping is one of those famous ‘hacker’ moves from the 2000’s that lives on in infamy.