Month: April 2018

Lars Iwer‏ @Virtual_Lars  Need Hyper-V symbols for debugging/bug hunting? We’ve now published most debugging symbols on our public servers. If you want to know more, this way, please: https://blogs.technet.microsoft.com/virtualization/2018/04/25/hyper-v-symbols-for-debugging/ … #HyperV  

“This is the official GitHub Repository of the OWASP Mobile Security Testing Guide (MSTG). The MSTG is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the controls listed in the OWASP Mobile Application Verification Standard (MASVS). You can also read the MSTG on Gitbook or download it as an e-book.”

A very detailed post explaining the process they used to “…or why you should ensure all Windows machines are domain joined. The first thing I run on an internal is the Responder tool. This will grab Windows hashes from LLMNR or NetBIOS requests on the local subnet. However, this client was wise to this and had LLMNR & NetBIOS requests disabled. Despite already knowing this fact from the previous engagement, one of the things I learned during…

PowerShell: In-Memory Injection Using CertUtil.exe May 31, 2018, Shane Rudy, Senior Security Consultant, Coalfire Labs Have you ever heard the old saying, “The only constant in life is change?” Nothing is truer in the world of penetration testing and information security than the certainty of change. New defenses are always emerging, and the guys and gals in the red team game are always having to evolve our efforts to evade defenses. This week was one…

We have some nice HP and Dell workstations available for sale as well as several HP ProLiant DL385 /DL380 series servers. Contact me and I will get you the information on them.