Certification Experience: OSCP and PWKv2
Strategy recommendations, pitfalls to avoid, and why you should just write the lab report for crying out loud. There’s a reason why this certification has a reputation. The material covers [...]
Productive Hacking: 5 Indicators of a Quality Penetration Test
Key elements of penetration tests that actually work for you. Everyone seems to have a different idea of what a penetration test is. Does it involve phishing employees? What about [...]
Webinar: Pentest Engagement Types: A Guide to Understanding Simulated Attack Types
This webinar will define and explain common penetration test offerings in detail, outline the key differences and benefits, and help you decide which engagement type is the best fit for [...]
Webinar: Serverless Password Cracking or: How I Learned to Stop Worrying & Love AWS
Password cracking by the book is expensive, complicated and difficult to scale. Trying to crack passwords on laptops is comparatively slow and unhelpful. Investing in a rack of Nvidia graphics [...]
The Road To Better Password Cracking (Part 2)
The part where hashcat does a ton of heavy lifting. In the last post, I discussed how some simple character conversion and inferences about human behavior revealed some harrowing elements [...]
The Road to Better Password Cracking (Part 1)
Or: how I learned to stop worrying and love AWS GPU clusters. Photo by Alberto Frías on Unsplash Passwords are terrible. And I don’t mean just your Netflix password or [...]
So, you got a pentest. Now what?
How to progress toward a truly secure organization and infrastructure after penetration testing. You did it – you paid for penetration testing services. Whether it was to fulfill a potential [...]
Analyzing Your Attack Surface Like A Hacker
When most people think of hacking, they think of what Hollywood portrays. In a dark basement, a hooded, perhaps tattooed outcast rapidly types nonsensical keystrokes at a flashy computer monitor [...]
Understanding Different Types of Penetration Testing Engagements
There is understandably quite a bit of confusion in the market place when it comes to offensive security engagements. Consultants use a number of terms and phrases that often times [...]
Security Researchers Identify Critical Vulnerabilities in AMD Chips: Chimera, Ryzenfall, Masterkey and Fallout
Critical Vulnerabilities in AMD Chips Security researchers at CTS-Labs, based out of Israel, disclosed 13 critical vulnerabilities and backdoors in certain AMD chips used in workstations, laptops and servers. Successful [...]