Presentation on Zero Trust and the importance of identity in breach response and recovery (as given at InfoSec Europe 2019 on the tech talk track). Continue reading
NOPC (Nessus-based Offline Patch Checker) is a patch-checker for primarily Linux distribution and UNIX-based systems. It is a shell script that utilises Nessus’ nasls and gives instructions on what data is needed to be obtained from the system to perform to derive a list of missing security patches. This was developed for situations when network connectivity to the systems under review is not possible. Continue reading
secdump is a simple meterpreter module that uploads and runs gsecdump. Nothing fancy, just a time saver. Continue reading
hoppy is python script to probe HTTP options and perform scanning for information disclosure issues. Continue reading
polenum is a python script which can be used to get the password policy from a Windows machine. Continue reading
vessl is a bash script that can fetch and verify the SSL certificate of a remote server. Continue reading
A presentation introducing format string problems Continue reading
A follow up presentation to show more in-depth format string exploitation techniques. Continue reading