Using Components with Known Vulnerabilities

When dealing with cyber vulnerabilities, there are lots of threats that are unknown and ever changing that can put users at risk.  We often hear about the latest zero-day to wreak havoc with its clever name. But not all threats come from unexpected sources. Many originate through ancillary software dependencies with known issues that are overlooked, …

Using Components with Known Vulnerabilities Read More »

Computers are People Too

There are those rare times during pen tests, when you are on a client’s network and you don’t have any valid domain credentials but you do have local admin on a windows device joined to the client’s domain.  Perhaps you’ve exploited a vulnerability on a system that grants you local admin rights. Or maybe you’re …

Computers are People Too Read More »

Taming the Jungle: Hardening your AWS infrastructure

After nine tutorials, sixteen posts on stack overflow, and several hours or workweeks of effort you’ve finally done it. You’ve finally got something in Amazon Web Services (AWS) to work as expected. It could have been something as simple as a static hosted site, or as complicated as a massive blockchain distributed machine learning web …

Taming the Jungle: Hardening your AWS infrastructure Read More »

10 Tips for Engaging a Security Services Vendor

The Information Security market brought in an estimated $167 billion in 2019 and that’s expected to double in the next 4-5 years according to some estimates. With that huge growth comes an avalanche of security companies promising to fix all of your cyber worries. Some of them offer amazing services with fantastic value. Others, not …

10 Tips for Engaging a Security Services Vendor Read More »

Automating Red Team Homelabs: Part 2 – Build, Pentest, Destroy, and Repeat

As of 2019-05-14 the Funny Stories section has been updated. Now that we understand what the goal is from my first blog post, we can move into the good stuff! The packer build process is pretty much the whole reason I embarked on this journey of automation. I got tired of installing kali from an …

Automating Red Team Homelabs: Part 2 – Build, Pentest, Destroy, and Repeat Read More »

Scroll to Top