Fire and Forget: Meterpreter Automation

Throughout the past year I have been conducting routine phishing assessments for a client. For their final test of the […]

CSRF on Anonymous Forms

Using CSRF on Anonymous Forms This article will focus on linking CSRF vulnerabilities with phishing attacks to extend the lifetime […]

Quick Reference: Empire Persistence Modules

During a penetration test you may find yourself in a situation where your foothold in the network is tenuous and […]

Pentesting Restrictive Environments – Part 2

Putting it all together Note: This blog is part 1/2 of Pentesting Restrictive Environments. I highly recommend reading part 1 […]

Pentesting Restrictive Environments – Part 1

The Scenario On a recent engagement, the client was focused on testing the controls that were in place within the […]

Breakdown of HTTP Messages

HTTP is a stateless protocol used in the World Wide Web (WWW) to facilitate a client-server data transaction. HTTP/1.1 is […]