Creating Python executables during an offensive security engagement used to be an effective method of evasion. However, this tactic has become increasingly difficult on modern Windows endpoints. In fact, even benign programs seem to get blocked immediately after touching disk. This is just one of the reasons red teamers have…

To date, one of my most lucrative bug bounties came from a password reset poisoning vulnerability. This post walks through the process of finding, exploiting, and fixing this bug to help you earn a max payout in your own disclosures! Overview Password reset poisoning is a header based attack, where an…

Practical ncat — commands, usage, and real-word application Depending on your familiarity with Unix operating systems, you may have heard of the built-in networking utility netcat — also referred to as “The Swiss Army Knife of TCP/IP networking”. Netcat is used for establishing connections over a network and capable of…

A comparison of methods, functions, and output. — The ability to execute shell commands in Python increases the flexibility and application of the language. However, the number of ways in which this is possible can be overwhelming. This post aims to uncover the behavior of these functions and help developers make informed decisions about their code. Overview What is a “shell”? A shell…

and decipher the world of computer science — Whether your writing a professional report or your next Medium story, trying to convey technical subjects to your audience is no easy task. A clear focus and concise formatting can easily get lost in required pretext or lengthy code blocks. As a cybersecurity consultant, interpreting complex tasks and making sense…

Maintaining the code base on your own personal blog or website can be a great learning experience. It teaches you about the design and architectural decisions involved in running a successful site, and allows for added flexibility outside of otherwise preset behaviors. Additionally, this approach makes you less reliant on…

and jeopardizing your PCI compliance! — What does it mean to be “PCI” compliant? If you own a business or work in the industry, you’ve most likely heard of PCI and know maintaining compliance is critical for a business to continue accepting credit card payments. For the rest of us however, “PCI” is an even shortened version of the acronym “PCI DSS”, which stands…

Have you ever installed a Python application, only to find out later the required dependencies replaced those of another critical application? Python virtual environments can help eliminate this dependency nightmare and make the installation and management of your projects more sustainable. …

Okay, so Slack can’t actually perform port scans! However, it can act as a communication channel to relay tasks, such as port scanning, to a remote server. This post demonstrates how to use Slack to automate repetitive, resource intensive tasks during bug bounty hunting or any offensive security engagement. …