Ochaun Marshall

Using Components with Known Vulnerabilities

When an organization has a breach, you would like to imagine that the attacker crafted a new exploit, leveraging a zero-day vulnerability that no one has any protection against. However, It is far more likely that the attacker exploited well-known vulnerabilities that may have been residing within their systems for months, if not years.  Attackers …

Using Components with Known Vulnerabilities Read More »

Taming the Jungle: Hardening your AWS infrastructure

After nine tutorials, sixteen posts on stack overflow, and several hours or workweeks of effort you’ve finally done it. You’ve finally got something in Amazon Web Services (AWS) to work as expected. It could have been something as simple as a static hosted site, or as complicated as a massive blockchain distributed machine learning web …

Taming the Jungle: Hardening your AWS infrastructure Read More »

Automating Red Team Homelabs: Part 2 – Build, Pentest, Destroy, and Repeat

As of 2019-05-14 the Funny Stories section has been updated. Now that we understand what the goal is from my first blog post, we can move into the good stuff! The packer build process is pretty much the whole reason I embarked on this journey of automation. I got tired of installing kali from an …

Automating Red Team Homelabs: Part 2 – Build, Pentest, Destroy, and Repeat Read More »

Scroll to Top