Introducing BloodHound Scentry: Accelerate your APM practice. Learn More
Tag

Security

Azure Privilege Escalation via Azure API Permissions Abuse

Security

Azure Privilege Escalation via Azure API Permissions Abuse

Intro and Prior Work Microsoft’s Azure is a complicated system of principals, securable objects, and the...

Dec 1, 2021
Read Post
Hands in the Cookie Jar: Dumping Cookies with Chromium’s Remote Debugger Port

Security

Hands in the Cookie Jar: Dumping Cookies with Chromium’s Remote Debugger Port

Introduction EDIT 7/16/23: Chromium added protections against this technique. Additional details can be found here: https://slyd0g.medium.com/debugging-cookie-dumping-failures-with-chromiums-remote-debugger-8a4c4d19429f This...

Dec 17, 2020
Read Post
Abusing Bias Part One: Infrastructure

Security

Abusing Bias Part One: Infrastructure

I think about my social engineering skills as a byproduct of living a rebellious life. My...

Feb 4, 2019
Read Post
Threat Mitigation Strategies: Part 2 — Technical Recommendations and Info

Security

Threat Mitigation Strategies: Part 2 — Technical Recommendations and Info

The following information was composed by Andrew Chiles (@andrewchiles), Joe Vest (@joevest) and myself (@minis_io) for...

May 15, 2018
Read Post
Threat Mitigation Strategies: Observations and Recommendations

Security

Threat Mitigation Strategies: Observations and Recommendations

Full disclosure: This post is heavy on text. Much of the content is very broad and...

Jan 25, 2018
Read Post
Raphael’s Thoughts: SpecterOps acquires MINIS

Security

Raphael’s Thoughts: SpecterOps acquires MINIS

Today, SpecterOps announces its acquisition of MINIS LLC. The company is doing its social media thing to spread the...

Nov 1, 2017
Read Post