Red Teaming gaps and musings

A Process is No One: Hunting for Token Manipulation

Fuzz your smartphone from 4G base station side

Clippy for the Dark Web: Looks Like You’re Trying to Buy Some Dank Kush, Can I Help You With That?

Synfuzz: Building a Grammar Based Re-targetable Test Generation Framework

Escoteric Hashcat Attacks

NOOb OSINT in 30 Minutes or less!

RFID Luggage Tags, IATA vs Real Life

#LOL They Placed Their DMZ in the Cloud: Easy Pwnage or Disruptive Protection

Maintaining post-exploitation opsec in a world with EDR

Hey! I found a vulnerability – now what?

Foxtrot C2: A Journey of Payload Delivery

Ridesharks

Tales From the Bug Mine - Highlights from the Android VRP

Decision Analysis Applications in Threat Analysis Frameworks

How Russian Cyber Propaganda Really Works

Make Me Your Dark Web Personal Shopper!

Driving Away Social Anxiety

Off-grid coms and power

CTFs: Leveling Up Through Competition

Mapping wifi networks and triggering on interesting traffic patterns

Extending Burp to Find Struts and XXE Vulnerabilities

Introduction to x86 Assembly

Pacu: Attack and Post-Exploitation in AWS

An Inconvenient Truth: Evading the Ransomware Protection in Windows 10

Brutal Blogging - Go for the Jugular

RID Hijacking: Maintaining Access on Windows Machines

Your Training Data is Bad and You Should Feel Bad

So many pentesting tools from a $4 Arduino

Patching: Show me where it hurts

Advanced Deception Technology Through Behavioral Biometrics

We are all on the spectrum: What my 10-year-old taught me about leading teams

No Place Like Home: Real Estate OSINT and OPSec Fails

The Layer2 Nightmare

Attacking Azure Environments with PowerShell

Blue Blood Injection: Transitioning Red to Purple

Mirai, Satori, OMG, and Owari - IoT Botnets Oh My

Comparing apples to Apple

How online dating made me better at threat modeling

Threat Hunting with a Raspberry Pi

M&A Defense and Integration – All that Glitters is not Gold