Posts

• Grumpy Hackers May 24
• RSS Feed Fix May 23
• Bash Golf with Whois May 20
• VulnReport Install Feb 28

• 2019 ShmooCon Hiring List Dec 15
• Wifi Feature Request: WPA handshakes Oct 14
• Erlang Authenticated Remote Code Execution Sep 15
• 2018 KiwiCon Hiring List Sep 9
• 2018 DerbyCon Hiring List Sep 1
• Stealing Certificates with Apostille Aug 26
• 2018 BH/DC/BSidesLV Hiring List Jul 27
• Pass the Hash with Kerberos Jul 24
• Getting Hired: A Few Tips Jul 22
• A Few Changes Jul 9

• 2018 ShmooCon Hiring List Dec 28
• Open Source Pentesting Oct 27
• 2017 GrrCon Hiring List Oct 16
• Automatically deleting old Gmail email Oct 12
• 2017 DerbyCon Hiring List Aug 13
• Dump LAPS passwords with ldapsearch Jul 24
• Security Affairs Questions Jul 3
• Dynamic DNS Update Module Jun 25
• Reset AD user password with Linux Jun 23
• Password Magic Numbers May 6
• 2017 Shmoocon Hiring List Jan 5

• Buying Internal Domain Access Dec 29
• Passwordreq No - A hacker prospective Dec 7
• Blocking countries via iptables Oct 28
• Snagging creds from locked machines Sep 6
• 2016 DerbyCon Hiring List Aug 17
• BlackHat/Def Con/BSides Talk Picks for 2016 Jul 24
• Linkedin NXDOMAINs - Purchased Pwnage Jun 17
• SMB/HTTP Auth Capture via SCF File Jun 14
• WPAD Persistence May 22
• Kerberoasting - Part 3 May 22
• Kerberoasting - Part 2 May 21
• Kerberoasting - Part 1 May 20
• BlackHat USA 2016 May 1
• Metasploit Minute Apr 4
• Another Blogging Platform Mar 26
• 2016 Shmoocon Hiring List Jan 4

• Reverse Proxying Attacker Tools Dec 31
• Intel NUC Super Server Nov 18
• Meterpreter show_mount Nov 2
• Time Oct 25
• R5 Industries Oct 14
• DotNet's DNVM For Persistence On Developer Machines Oct 5
• Hiding Desktop Icons For Presentations On OSX Oct 2
• Hacking Advice For @Krystropolis Sep 24
• Get PasswordLastSet Time For Domain Controller Accounts Sep 16
• Using Domain Controller Account Passwords To HashDump Domains Sep 15
• 2015 DerbyCon Hiring List Sep 14
• Tres Lessons From Pied Piper Delete Key Hack Sep 10
• Back to Blogger Sep 7
• pfSense without Internets Feb 17
• 2015 ShmooCon Hiring Jan 13
• Powershell Popups + Capture Jan 12

• Full Disclosure - SingleClick Connect Sep 15
• OSX Persistence via PHP Webshell Sep 9
• Milkman: Creating processes as any currently logged in user Aug 14
• The Internets Own Boy Jul 10
• Why good leaders make you feel safe May 27
• Go home InfoSec, you're drunk May 26
• Installing PyCrypto on OSX Mavericks May 21
• Effective NTLM / SMB Relaying May 21
• CCDC Red Teamer's Creed May 20
• Dumping NTDS.dit domain hashes using Samba May 14
• Executing code via SMB / DCOM without PSEXEC Apr 19
• Iterative DNS Brute Forcing Feb 19
• Hostname bruteforcing on the cheap Jan 29
• Attacker Ghost Stories - ShmooCon 2014 Jan 18
• Application Whitelist Bypass using IEexec.exe Jan 16
• Installing Metasploit Community Edition on Windows 8 Jan 13
• ExtAPI Pranks Jan 10
• Alive Again Jan 9
• Metasploit Minute - Mondays with Mubix - Episode 1 Jan 6

• Dumping a domain worth of passwords with mimikatz Oct 5
• AD Zone Transfers as a user Oct 4
• Stealing passwords every time they change Sep 11
• Changing proxychains hardcoded DNS server Sep 10
• Unkillable Processes Aug 10
• Problems with blogging software Aug 10
• Volume Shadow Copy NTDS.DIT Domain Hashes Remotely - Part 2 Jun 11
• Volume Shadow Copy NTDS.dit Domain Hashes Remotely - Part 1 Jun 10
• Using Mimikatz Alpha or Getting Clear Text Passwords with a Microsoft Tool Jun 7
• Query all windows services config from the command line May 30
• Sessiondump Meterpreter Extension Apr 8
• Metasploit Mastery @BlackHatEvents USA 2013 Mar 19
• Length Sorting Wordlists Mar 18
• Mounting NFS shares through Meterpreter with NfSpy Mar 4
• Suggestions on what to do when a service you use gets compromised Mar 2
• Blocking Java Exploits, Malicious Signed Applets, and 0days Feb 27
• Compile NFSShell on Ubuntu Feb 22
• ShmooCon 2013 Streaming Feb 15
• Metasploit Mastery meets CanSecWest Jan 25
• Intro to White Chapel Jan 19
• Cyber Pickpocketing Jan 6

• Delete TrustedInstaller-only Files and Folders Dec 24
• EXE::Custom in Metasploit's Java Exploits Nov 19
• Smash and Grab: Windows Dir Lists Nov 13
• Finding Admin Access Oct 31
• BypassUAC got a facelift Oct 30
• lm2ntlm with John the Ripper Oct 24
• AXFR for DNSSEC: DNSSEC Walker Oct 22
• Setting SYSTEM's proxy settings with Metasploit Oct 21
• Mounting SMB shares over Meterpreter Oct 17
• UAC AlwaysNotify Bypass-ish Oct 16
• Pass the Hash without Metasploit - Part 2 Oct 15
• Compiling and Release of Ditto Oct 8
• Compiling and Release of Netview Oct 7
• Lab Setup - Windows Proxy and Egress Filtering Oct 6
• Meet “q” – Free Metasploit Exploit Pack Oct 4
• Dirty Little Secrets They Didn't Teach You In Pentest Class - Part 2 (Video) Oct 1
• Completely In-memory Mimikatz with Metasploit Sep 6
• Old School On-target NBNS Spoofing - Part 2 Sep 2
• Old School On-target NBNS Spoofing Sep 1
• Free Shells with Plink and Pageant Aug 28
• Post Exploitation Command Lists - Request to Edit Aug 25
• LetMeOutOfYour.NET – Server Build Aug 11
• LetMeOutOfYour.NET – Intro Aug 10
• Free Ticket Contest - Metasploit Mastery at DerbyCon Aug 7
• Raising Zombies in Windows: Part 1 - Passwords Jul 31
• Cross-Protocol Chained Pass the Hash for Metasploit Jul 10
• Bypassing Trend Micro's Service Protection Jul 5
• Presence, Persistence, and Pivoting Jun 29
• Netstat Post Module for Meterpreter Jun 28
• Evidence of Compromise - Metasploit's PSEXEC Jun 25
• Companies that give back with free tools Jun 20
• Integration of Mimikatz into Metasploit Stage1 Jun 15
• SUDOERS Commented Includes used for Evil May 26
• Post Exploitation with PhantomJS May 25
• Sticky Keys and Utilman against NLA May 24
• DerbyCon Training (Sep 27-28 2012) May 22
• Jasager - Past, Present and Future May 12
• phDays in Moscow Apr 26
• How to Win CCDC - Slides Mar 19
• Who is on your dream team red team? Mar 4
• Developing the LNK Metasploit post module with Mona Feb 19
• MS08_068 + MS10_046 = FUN UNTIL 2018 Feb 11
• A @textfiles approach at gathering the world's DNS - Slides Feb 3
• (UAC) User Assisted Compromise Jan 3

• Hak5 Segment Sneak Peak Dec 26
• Shared Links Dec 23
• Hash Types for John the Ripper Dec 12
• First day of a No Starch Christmas - Winner Dec 1
• 12 Days of No Starch Press Nov 27
• Run POST Modules On All Sessions Nov 2
• MSFConsole Prompt Fiddling Oct 9
• The Dirty Little Secrets They Didn't Teach You In Pentesting Class Oct 6
• Create a 64bit Process From a x86/32bit One Sep 28
• #DerbyCon Approaches... Sep 17
• Who Is Logged In? A Quick Way To Pick Your Targets Sep 17
• Disconnect Stalled SSH Session Sep 15
• Multiple Dictionaries or Wordlists Using John the Ripper Sep 12
• Post Exploitation Command Lists Sep 6
• Wim Remes (@wimremes) for (ISC)2 Board of Directors Aug 30
• IIS Search Verb Directory Listing Aug 26
• Populating Your Virtual Victim Domain Aug 20
• IP Resolution Using Meterpreter’s Railgun Aug 19
• Railgun Error Checking Aug 19
• Minimum Password Length of 15 or more via GPO Jul 26
• Metasploit Payloads Explained - Part 1b Jul 17
• GPU Cracking Complaints Jul 13
• NoVA Hackers - 3 years old and still going strong Jul 7
• fxsst.dll persistence: the evil fax machine Jun 27
• Metasploit Payloads Explained - Part 1a Jun 26
• Metasploit Payloads Explained - Part 1 Jun 26
• Remotely Suspend All Threads with Meterpreter May 30
• Remote DLL Injection with Meterpreter May 30
• Dumping Hashes on Win2k8 R2 x64 with Metasploit May 16
• Exploitable Mobile App Challenge Apr 12
• IPv6 Attacks Apr 6
• RSA Dun-got hacked! APT etc.. Mar 22
• Metasploit VNC Password Extraction Mar 21
• Psychological Warfare with NirCMD Mar 5
• PHP Web Shell Mar 4
• Issue a Linux command without it going into history Mar 3
• Destructive DOSKEY aliases Mar 2
• Creating Vulnerabilities: NFS Exports Mar 1
• Metasploit on Wintel Systems Feb 16
• Interesting DNS Stuff - SRV Records Feb 16
• Cachedump for Meterpreter in action Feb 14
• Updated: Password and Word lists Feb 11
• Patch Adams Feb 11
• Insider Threat Testing Jan 27

• Delicious Webapp Hacking Dec 25
• Wayback Webapp Hacking Dec 24
• Project Honeypot HTTP Blocklist module Dec 23
• Offensive and Defensive SSH Patching at NoVA Hackers Dec 5
• Silently uninstall SEP Nov 16
• Acceptable Questions Checklist Oct 1
• Revenge of the Bind Shell Sep 24
• Memory Forensics for Pentesters: Part 1 Sep 14
• Am I an Admin? Railgun Script Sep 13
• Rapid fire PSEXEC for Metasploit Sep 12
• Metasploit turns 10,000 Aug 13
• Jailbreak SSH horrors strike back Aug 4
• AV Tracker Aug 3
• Resources for railgun development Aug 3
• Intro to RailGun: WIN API for Meterpreter Jul 8
• Set Wallpaper Meterpreter Script Jun 28
• Get off my lawn! iPhone Geo Blocking Jun 25
• AV bypass made stupid Jun 3
• A very important link... Jun 1
• 0Exploit Privilege Escalation May 7
• Vuln Disclosure Summarized Apr 29
• Metasploit Cyberwarfare Apr 1
• Practical Exploitation Feb 23
• @RSnake ’s RFI List in Burp Suite Jan 30
• Security (CAN BE) an ART not a SCIENCE Jan 26
• grmn00bs podcast Jan 8

• Linked in to Twitter Dec 22
• Meterpreter tunneling and VNC revamped Dec 15
• Metasploit with Ruby 1.9.1 Dec 9
• 2009 Geek Christmas List Dec 3
• SHODAN The Computer Search Nov 24
• Brute-Forcing Compatibility Nov 19
• Stop blaming the admins! Nov 19
• A Simplified Astaro UTM now FREE to businesses Nov 18
• Why Room362? Nov 12
• Metasploit Blends in: New MSFPayload/ENcode Nov 3
• Getting your n00b fill of security Oct 26
• NoVA Hackers Oct 20
• Hacking Crazy Taxi Oct 17
• APPLE: A Modern Day Willy Wonka Story Oct 12
• Back on Twitter Oct 11
• Burp Tip of the Day - Nikto db import Oct 10
• Packet Captures with Meterpreter - 7zip - WinDump - and Nmap-ish Oct 3
• SquareSpace, New Design and Call for Contributors Oct 1
• Password / Word lists Sep 18
• GPU Hash / Password Cracking Sep 18
• Corrections and Questions about Nessus on Securabit Sep 16
• Pass the Hash Metasploit Demo Aug 26
• Simplicity is Security Aug 13
• Applied Network Security Density Aug 12
• Lies Aug 12
• Sexism and the religion of hackers Jul 13
• Local Security - DC-NoVA-MD Jun 29
• Metasploit Framework as a Payload Jun 26
• Security Tools I'm Looking For Part I Jun 17
• Getting your fill of Reverse Engineering and Malware Analysis Jun 12
• Rant Back – ValSmith Jun 11
• PassiveX fun with Metasploit Jun 10
• Getting your fill of Security May 29
• Couch to Career - Follow up May 23
• Workshop at ToorCamp with Dark0perator May 5
• Offensive Security Live Courses for 2009 Apr 29
• RSA Photos Apr 19
• Couch to Career in 80 hours or less Apr 17
• Kindle 2 Review: Putting The Fire Out Apr 8
• Manager Training Camp - Bootcamp Style Mar 14
• AnonymASS - Hiding Behind The Tubes Mar 13
• The Ethics of Teaching Hacking Mar 11
• OzymanDNS - Tunneling SSH over DNS Mar 10
• Metasploit <3s Microsoft Mar 9
• 2 Kindle or Not(ebook) 2 Kindle Mar 5
• Twitter API Problem Mar 4
• Metasploit heart's Microsoft Mar 2
• The Cowtown Computer Congress Opens Their Underground Lab Feb 26
• My iPhone runs Windows Feb 23
• Winning Hacker Competitions as Defenders Feb 20
• Bribing the Security Community Feb 16
• The History of the Internet - VIDEO Feb 13
• ShmooCon Tools Feb 12
• The Middler gets released at ShmooCon! Feb 7
• Metasploit Across the Net Feb 4
• Ear Trumpet Feb 3
• Bob Stories - Airport Boredom Feb 2
• Offensive Security Certified Professional Feb 1
• Retractions - Web App and SAMBA Jan 31
• Full Disclosure gets dusted off Jan 30
• TiVo for the Economically Unstimulated Jan 22
• Podcasters Meetup at ShmooCon Jan 21
• Podcaster's Meetup @ ShmooCon Update 1 Jan 20
• Maltego 2 and beyond - Part 3 Jan 13
• Random Thoughts - Web App Hacking Jan 7
• Speaking 102 - The Audience Perspective Jan 6

• Speaking Evolved Dec 26
• Using SAMBA to crack Unix passwords Dec 25
• BSODomizer - Cube Warfare and Beyond Dec 24
• Enterprise Security - Moving a Giant Dec 20
• Burp Suite v1.2 Released Dec 15
• Gmail Tasks Dec 14
• Ask and you shall receive - SumoLinux Dec 10
• Jasager: On the Defensive Dec 7
• Security Guards without guns Dec 6
• Maltego 2.01 Released Dec 6
• Ego Surfing or Caring? Dec 6
• GoPC links with ThinLinX Dec 5
• Gmail Snooze Button Nov 29
• SBN move to Lijit Nov 23
• Today in Dilbert Nov 21
• ShmooCon Room Sharing Nov 14
• Hack or Halo 5 at ShmooCon 2009 Nov 10
• McGoodies from operat0r Nov 7
• The Academy is giving away money! Nov 7
• A new look and feel Nov 7
• SC World Congress 2008 Nov 6
• Free Pass to CSI 2008 Oct 31
• Maltego Keygen Crack Torrent and Offensive Security Torrent Oct 24
• Hacker Media Oct 23
• USB Goodies 2008 Oct 16
• The Root of All Evil-(grade) Oct 12
• Social Engineering Challenges Back Oct 9
• Jasager - Past - Present and Future Oct 9
• Social Engineering Challenge #1 Answer Oct 9
• Social Engineering Challenge #1 Oct 8
• Mubix's Links Sep 29
• Maltego 2 and beyond - Part 2 Sep 26
• Love what you do Sep 23
• Confusion and Delay Sep 17
• Runtime Packers - hold the cheese Sep 11
• Maltego 2 and beyond - Part 1 Sep 8
• Google Docs Bug Sep 8
• Notepad is a virus Sep 7
• Chrome all polished up Sep 7
• LinkedIn Unavailable Sep 7
• Crazed Bovine Traversal in RL Sep 3
• Brass Tax on Chrome Sep 3
• Multi-Boot Security LiveCD DVD Aug 27
• DEFCON 16: The Tools not the Toools Aug 24
• Defcon presents come early! Aug 6
• Where do people find the time? Aug 6
• @MissRFTC makes twitter history Jul 31
• ATT partially patched. Yay! Jul 29
• Podcaster's Meetup @ DEFCON 16 Update 2 Jul 28
• Comcast Cares? Jul 22
• iPhone + ATT + DNS = Bad Juju Jul 22
• iPhone Apps vs iPhone Web Apps Jul 21
• Comcast: The start of a new series Jul 17
• Podcasters Meetup @ DEFCON 16 Jul 9
• CBT Response Jun 29
• Hacker steals Quake Jun 29
• Interactive Mode SUDO Jun 27
• Network Security Projects Using Hacked Wireless Routers Jun 24
• Maltego Goes Communal Jun 23
• Distributed Honeypot Project Jun 23
• Crazed Bovine Traversal Jun 17
• Vonage and Ekiga on SUSE Linux Jun 15
• Talking to Mud Jun 12
• I am Jack's unpropitious excitement Jun 11
• Microsoft making secret power plays? Jun 8
• Creators of New Jun 6
• ShmooCon 2008 Videos Hit the Shelves Jun 1
• Oregon Offers Tuition Waiver May 6
• Facebook chat - All that and a bag of cheesy poofs Apr 23
• The truth about hot air baloons Apr 20
• Phrack is back! Again. Apr 16
• Help Hak.5 buy some ramen! Apr 15
• Muppets roll 80s Apr 15
• Red Skelton's Pledge of Allegiance Apr 13
• NOT an April Fools joke Apr 1
• No Tech Hacking - Tip of the Hat Mar 16
• KVM MITM Feb 6
• Too busy to breath Jan 23

• Easter Island's SECRET REVEALED Dec 14
• BackTrack 3 Beta is out! Dec 14
• This is only a Test Nov 16
• Podcasters Meetup Nov 10
• They let me in. Muhaha Oct 31
• Time to shape up. Oct 29
• History is MAD Oct 29
• Oh Lord! Oct 24
• because I learned linux Oct 10
• George Carlin does Religion Oct 9
• Jericho thanks the people Oct 9
• Pen and Teller bust bottled water. Oct 9
• Automatix automated. Oct 9
• Logmein.com Oct 9
• Questions that need answering. Oct 8
• Judge Judy gains my respect Oct 7
• Youtube Prophecies Oct 5
• Cut your electricity bill in Half Oct 4
• HTC Kaiser gets US release date Sep 27
• (PIC) global Halo 3 usage map - live (as in right now) data Sep 27
• Official Microsoft Hackers Blog Sep 3
• Google Earth SKY Easteregg Aug 23
• How to beat carnival games! Aug 22
• SuprNova: The Legend Returns Today Aug 21
• Steve Jobs dead at 52 Aug 20
• Coupon Hacker Faces DMCA Lawsuit Aug 20
• It's time to Evolve Aug 18
• Skype wont let me log in! Aug 17
• Warning! A Linux Commercial. Aug 14
• Beginners Guide To Lock Picking [w /pics] Aug 14
• Nmap 127.0.0.1: Flash style Aug 13
• How to avoid tethered data charges on your Mobile device. Aug 11
• NBC Dateline Reporter flees Defcon 15 Aug 10
• DEFCON and an interview with Dark Tangent Aug 2
• Are you secure: Secunia to the rescue Aug 1
• Transformers Jul 31
• USB Sauces and the making of Apps Jul 12
• Wine Doors Jul 10
• USB Tools Torrent and more! Jul 7
• Linksys WRT54G Ultimate Hacking Jun 27
• Fonera Fun Jun 24
• USB Torrent Jun 12
• Multicast and some random thoughts Jun 1
• Michael Noah Fuller a.k.a. Mubix 2.1 May 14
• Hak.5 2x10 - USB Goodies with Encryption May 9
• Save Internet Radio, Save the World Apr 26
• Amazon Prices Increase! Apr 25
• Rememberance of Virginia Tech Apr 20
• NAC in use Apr 18
• Missed Shmoo? Now you can experience in the comfort of your home. Apr 10
• Think you can hack it in my world? Prove it. Apr 3
• ShmooCon infected with podcasters Mar 28
• Windows Vista Compatibility Feb 22
• On a RANT Feb 21
• Microsoft. What are you doing?! Feb 12
• BitLocker Feb 5
• Hak.5 Live Feb 5

• Christmas, New Years and a Keychain Dec 28
• Killer Coding Ninja Monkey University Sep 26
• Hak.5 Radio goes legit Sep 13
• techPhile is Back Aug 8
• StarCraft 2 Jul 27
• Birthday Wishes Jul 17
• Solid Potato Salad Jul 9
• An Interesting Flight Jun 26
• 100+ Photos Posted! Jun 20
• Connected in Japan Jun 17
• Technical Difficulties May 28
• Game Commentator’s Association May 27
• Happy Mother's Day May 14
• Time, Fedora, and other things 42 related. May 8
• Hak.5 Episode 9 Apr 6
• In other news Mar 28
• IE Users Anonymous Mar 18
• Internet Relay Abuse Mar 16
• Images from Leaked LOST episode Mar 5
• Alexander the Great. It's a boy! Mar 4
• Homage to Don Knotts Feb 26
• Happy Valentines Day! Feb 14
• Microsoft ignores another 0 day 'feature' Feb 14
• SploitCast, a Feburary baby, ShmooCon and Tax season Jan 29
• SploitCast hits the shelves! Jan 10
• Happy New Year Jan 7

• Another Baby! Dec 19
• TechTV Holiday Meetup Dec 15
• VPN Hacking Game Dec 14
• New IPTV Links Dec 6
• Hak.5 and techPhile merge for a day. Dec 4
• What happened!? Nov 30
• Brandon's Birthday Nov 14
• Promotion to Sergeant. Nov 2
• It's a Girl! Oct 14
• The Slashdot effect migrates to Digg.com Oct 11
• ShmooCon 2006 Oct 10
• Whitedust.net Oct 9
• Hackers are STUCK! Oct 7
• Windows Vista: Piracy protection Oct 5
• It's a boy! Oct 1
• America's Army: Kicking KDE to the Kurb Sep 21
• Reinvention of 007 + Back to the future = Really dumb idea Sep 19
• 616 Hits. No comments Sep 19
• TechTV back from the dead? Sep 17
• 12 Hour Shifts Sep 17
• R362 Approved Sep 6
• Transporter 2 Sep 5
• Badfoo.net Sep 3
• New "Advanced" Error system for Windows Vista Aug 16
• Gentoo enters the 21st Century Aug 16
• WEP Aug 14
• Back to the Basics Aug 12
• Intro to Programming (Java) Aug 7
• Brute Force Spam Aug 1
• Defcon Resolutions Aug 1
• Done Jul 31