top of page
Search
It’s Breach O’Clock, Do You Know What Your M(S)SPs Are Doing?
During penetration tests, it’s common to find multiple issues for things like weak protocols, poor message signing, IPv6 issues, missing...
Dec 16, 20222 min read
0 comments
Assumed Breach? I Thought I Bought a Penetration Test!
We hacker types use a lingo of our own to describe our work, and many of our clients aren’t familiar with the jargon. One of those terms...
Dec 16, 20222 min read
0 comments
The Call Is Coming From Inside the House: Microsoft Direct Send and Why You Need to Mitigate Now
Earlier this year, a new technique for sending spoofed emails was discovered. This new technique focused on sending an email from...
Dec 16, 20222 min read
0 comments
Whatever Happened Last Time, It Wasn't A Penetration Test...
I am lucky to have an increasing number of larger clients for my penetration testing engagements. While it is always enjoyable to work...
Dec 25, 20213 min read
0 comments
The ESPkey - Your Physical Security Team's New Worst Nightmare
Ever since I got into security I have been interested in social engineering, specifically the physical part of testing. Being paid to...
Sep 5, 20215 min read
0 comments
The OSCP is Cool Until it's Not...
First official blog post! Been awhile since I wrote literally anything that wasn't a Twitter post, email or pen test report. Gotta say,...
Aug 15, 20212 min read
0 comments
bottom of page