User Enumeration Part 2 – Microsoft Office 365
By Mike Saunders | March 10, 2020
It’s not uncommon on external pen tests and red team engagements to find very little attack surface on the customer’s internet-facing networks. Customers have started shifting services to cloud providers, […]
Learn MoreSQLi Data Exfiltration via DNS
By Mike Saunders | November 30, 2018
Did you know you can use DNS queries to exfiltrate data from a database via SQLi? No? Then continue reading! I’ll walk through some techniques you can use to enumerate […]
Learn MoreMaintaining Session States in .NET Apps With Burp
By Mike Saunders | September 21, 2018
During a recent web app test, I encountered a situation when I would be randomly logged out of the application when running sqlmap. I wasn’t manipulating any of the session […]
Learn More