blog category
Industry Insights
Industry Insights
Decrypting the Forest From the Trees
TL;DR: SCCM forest discovery accounts can be decrypted including accounts used for managing untrusted forests. If the site server is a managed client, service account credentials can be...
Mar 6, 2025 • 10 min read
Read Post
Industry Insights
Getting the Most Value Out of the OSCP: The PEN-200 Course
In this second post of a five-part series, I provide advice on how to best utilize...
Mar 4, 2025 • 15 min read
Read Post
Industry Insights
Getting the Most Value out of the OSCP: Pre-Course Prep
The first post in a five-part practical guide series on maximizing the professional, educational, and financial...
Feb 12, 2025 • 19 min read
Read Post
Industry Insights
PHISHING SCHOOL A Decade of Distilled Phishing Wisdom I decided to give away all of my phishing...
Aug 21, 2024 • 5 min read
Read Post
Industry Insights
Hiding C2 With Stealthy Callback Channels Write a custom command and control (C2) implant — Check...
Aug 14, 2024 • 12 min read
Read Post
Industry Insights
PHISHING SCHOOL Making Your Malware Look Legit to Bypasses EDR I wanted to write this blog about...
Jul 30, 2024 • 8 min read
Read Post
Industry Insights
PHISHING SCHOOL How to Make Your Phishing Sites Blend In As you read this, bots are coming...
Jul 9, 2024 • 12 min read
Read Post
Industry Insights
An AWS Administrator Identity Crisis: Part 1
BLUF: Every attack path needs a destination. This is a formalized way of describing destinations in...
Jun 28, 2024 • 11 min read
Read Post
Industry Insights
I Will Make you Phishers of Men
PHISHING SCHOOL Convincing Targets to Click Your Links When it comes to phishing advice, the number one...
Jun 25, 2024 • 21 min read
Read Post
Industry Insights
Phishing School How to Find the Right Phishing Targets A weapon is useless unless you have something...