🚨 [Safety Tip] 🚨 Have you ever wondered what to do if you find yourself in a situation where you need to let your loved ones and possibly emergency responders know where you are and what’s happening around you? On a completely different note maybe you don’t trust your baby daddy or your children and […]
It’s really not the end of the world…well depending on who you ask but that’s probably for other reasons than CVE-2017-5753, CVE-2017-5715, and CVE-2017-5754 (Meltdown and Spectre).
This article will detail the steps I took in order to successfully gain access to higher privileged accounts via some basic Linux privilege escalation techniques and by exploiting CVE-2004-1051 for gaining root privileges.
Details how to integrate jasypt (http://www.jasypt.org/) into a Spring Boot project to provide encryption for externalized properties.
Demonstration of macOS’s Automator app receiving a voice command that executes a script that scans for open listening ports on a machine and then terminates those processes that haven’t been whitelisted.
Discusses creating a service that will generate files to help monitor user activity and alert enterprise security teams of data breaches.
High-level overview of how a SIEM could be integrated into an enterprise environment by adopting and scaling the architecture model used in this NSM lab.
Security Awareness Training (SAT) – “Free” WiFi: Identifying Credential Harvesting Captive Portals and How to Protect Yourself Against Them
Exploits: CVE-2017-7269, CVE-2014-4076
Techniques: HTTP / WebDAV method enumeration, Privilege Escalation […]
Exploits: Drupal 7.54 Services Module RCE, CVE-2014-4113 Kernel Exploit
Techniques: Empire / Metasploit session passing, Fuzzing, Privilege Escalation […]
BLTSEC 