Browse Infrastructure Content

Learn how to tune Nmap to get port scans completed faster without negatively impacting scan accuracy, or causing an outage.

How to use Nmap to perform accurate port scans assets, understand frequently overlooked options (including the defaults!) that lead to inaccurate scan results.

In this article I propose a new tool oneshell to solve some of the problems with existing reverse shell tooling.

Kubernetes pentesting. Enumeration, lateral movement and privesc with Kubehound.

The aim of this presentation is understanding the art of user impersonation in Windows systems.

I present a new technique involving signed minifilters to disable EDR systems.

We regularly challenge and beat Fortune500 defenses. Often times, a decent ADCS honeypot could have stopped us. So we built one.

Compromise of an SCCM administrator can lead to compromise of every machine managed by SCCM. SCCM administrators must be considered highly privileged accounts.

Delve into the modern techniques and security controls surrounding password spraying. This will explore the current TTPs for password spraying.

Nighthawk’s 0.3 release is probably the most significant and impactful change to the framework since its creation.

This script would allow red teams get windows passwords in cleartext which can be useful in pentest engagements.

This article is not about something new, but rather a report on my research into password policies in an Active Directory environment.