Weaponizing hostapd-wpe

TL;DR: Installing hostapd-wpe on a wireless router powered by an external power bank provides a standalone wireless attack platform with […]

Dirty Deeds…. On Video

Recently the team and I were engaged in a physical penetration test where our goal was to gain access to […]

Pivot, Exploit, Death by Firewall

Another scenario that is getting all too familiar: It is another day in the office. The external penetration test is […]

Building a Convincing USB Drop

One of my favorite attack vectors is the USB drop. At SecureState, our two go-to drops are the Rubber Ducky and […]

Bypassing Gmail’s Malicious Macro Signatures

Malicious macros in Excel spreadsheets are one of the most common methods of delivery in phishing attacks. If the premise […]

Intro to OSINT

*All images in this post were found using publicly available sources and should be used for educational purposes only One […]