The PWK Course [https://www.offensive-security.com/information-security-training/penetration-testing-training-kali-linux/] was something that had been on my radar for years and I'd been wanting to take it for quite a while. Having heard of its ass-whupping potential, I wanted to make sure I could devote the time and energy to the
Once upon a time before the age of cellphones, there were things called "landlines". During these dark ages, you had to be at home to make or receive calls - life was hard but people somehow managed to survive. In the early 2000s, I moved into a condo building that
This was a pretty fun machine. Nothing tricky here, just good old enumeration and exploitation. As usual, we start off with a nmap scan: Checking out the webserver shows this in the source code of the home page: Hitting up http://10.10.10.150/secret.txt gives us a
I finally got around to playing with some Digisparks [http://digistump.com/products/1] I bought a few months ago and one of the popular uses is to grab wifi passwords from a Windows machine and exfil the data. There are various approaches to this and different methods of exfil
I attended BSidesSF 2019 and skipped this presentation based on the title because I assumed it was going to be some cheesy IronMan thing. I could not have been more wrong. While Burp Suite is widely considered to be the gold standard when it comes to web app pentesting, it