Education
In this scenario it is assumed you do not have credentials, but you do have either adjacent or routable access to an Active Directory Domain Controller and can access common ports/services such as: LDAP, LDAPS, SMB, NETBIOS, KERBEROS, DNS
Read more “Active Directory Attacks – “It’s cold out here””
Education
have you ever wanted to port forward from a Windows Host to a WSl2 KALI VM when you are using a NAT’d virtual switch configuraiton with WSL2?
Read more “Port Forwarding with WSL2”
Hacking
My friend Lars and I were just talking about some of the research areas we are working on and randomly the conversation turned into “what shall we call it?” and then LDAPNomNom came up! So I whilst laughing (coz the name is lulz) with my buddy I downloaded and ran LDAPNomNom against a lab vm quickly! (Lars also fixed an error with readme.md that I pointed out coz my debug skillz ROCK! 
)
So here we have me doing username enumeration via LDAP Ping using LDAPNOMNOM!
Read more “Stealthy Active Directory Username Enumeration with LDAPNomNom”
Guides
Penetration testing, adversary simulation, red teaming, purple teaming, rainbow teaming, call if what you like, the security outcome we are working towards is:
This is to support the organisations mission, vision, goals, and objectives. Cyber security is to support and enable the organisation’s capability to execute digital services in a safe manner.
Read more “Practical Security Assurance”
Defence
Everyone has a plan until they are cyber punched in the face! Or something like that!
People seem to have this misconception that you need to “do a pentest” or some other project based activity to do “security testing” or response planning.
Let’s be real here, you really don’t. But what you do need is a few things:
Leadership
I am seeing lots of “debate” about the value in red teaming, so I thought I would put together my thought process of how I look at as a broad stroke when I consider a generic starting position in an organisation. When I’m defending a business, I tend to ask myself (and the team/customers etc.) these kind of questions (they are not exhaustive):
Read more “Red Team Readiness Assessment”
Guides
MFA was the “silver bullet” but friction and security kind of go hand in hand, the idea of a push notification and simple “authorise” is great in theory, but in practise it is vulnerable to brute force and human error. In this post we are going to check out enabling number matching authentication in Azure.
This is just one configuration option, as you can see there are loads of options for methods and specific configurations. Bear in mind the pros and cons for each one, for example SMS based 2FA can be vulnerability to SIM swapping attacks. I’m going to focus on Number Matching in Authenticator for this post: Read more “Enable Number Matching in Azure MFA”
Education
Oh that’s “just a Nessus scan” or that’s not a real pen test etc. is something that if you are in the infosec/cyber world for a few minutes you will probably hear.
It’s honestly a bit odd, some sort of way of diminishing something because a tool was used, which doesn’t really make a whole lot of sense given most activity involves using something that already exists (sure there are fields and scenarios where this isn’t true but I’m generalising).
So why are we as an industry obsessed with tools and obsessed with berating people for using them? It’s all rather odd.
It perhaps ties in with this Cyber Myth about penetration testing being the tool that’s good and useful in every scenario… I hate to break it to people, but it’s not the principles of security and it certainly isn’t the best/most appropriate “tool” in every scenario. Read more “When running Nessus is a good thing!”
Education
Everything is 1337! Everyone hacks everything with no sweat, all networks are taken down by cyber magic… or maybe not….
Let’s look at some business realities, shall we? Read more “Cyber Security Testing Myths vs Realities”
Education
Honestly, it feels weird writing this, however I feel there’s a real issue with penetration testing and some myths that (for understandable and obvious reasons) exist in some people’s minds. So I’ve taken to trying to explain to people what an external penetration test actually entails in the real world of business. So here goes!
Read more “Infrastructure Penetration Testing Realities”