Why Implicit Deny?
Implicit Deny was started by a like-minded group of information security professionals from a variety of backgrounds. After months of swapping war stories, hacks, mitigations, workarounds, and best practices, they realized they were all asking the same question: Why does Information Security seem so difficult?
Strengthen Your Phishing with Apache mod_rewrite and Mobile User Redirection
Often times a corporate internal network is heavily locked down. Workstations are restricted with limited internet access. These controls are often less strict on mobile devices (or sometimes not present), especially with BYOD being implemented more and more. While...
read more
Hard Coded Credentials in Casino Software
Having been in this industry for a while, I've come to loathe vendors, especially those in highly vertical markets. In most of these markets, the hardware and software peddled by these vendors is rarely tested for security. Not only are there just not enough security...
read more
Powerview Caught By Symantec Endpoint Protection
It has finally happened: @harmj0y's Powerview Powershell cmdlet was caught by Symantec Endpoint Protection (SEP) during a pentest this week. The cmdlet is SID 29038 in Symantec’s attack signature database. Scenario During testing I used the following one-liner to...
read more
SMB Relay with Snarf: Making the Most of Your MitM
SMB Relay is a well-known attack that involves intercepting SMB traffic and relaying the NTLM authentication handshakes to a target host. This post assumes you already understand the basics of SMB Relay (if not I highly suggest you check out Mark Baggett’s SANS post...
read moreWhy Implicit Deny?
Implicit Deny was started by a like-minded group of information security professionals from a variety of backgrounds. After months of swapping war stories, hacks, mitigations, workarounds, and best practices, they realized they were all asking the same question: Why...
read more