Privacy
Grammarly taking more data than it should, a exploration and musings over the idea of privacy engineering in conjunction with application security assessments
Read more
Random
How to implement MFA in Ghost Blog with Cloudflare's Zerotrust Access Policy.
Read more
OffSec
The idea behind three word passwords as a concept is in my opinion a nice nudge in the right direction, In a perfect world, a passphase or a sentence
Read more
Exploitation
I wonder if any of these leaked email address domains are expired, and I wonder if I can buy them and inherit the identities associated with them via password resets
Read more
Random
Running a little port canary for half a year, observations, data, application, and thoughts.
Read more
Defence
Cross-referencing acquired credentials against public known, known bad credentials in a bid to really hit home the cultural change required. or just fully breaking down a target.
Read more
InfoSec
Get more from your ntds.dit data, generally we acquire this file to maul an environment, but there's a blue way to provide value without cracking a single hash, it's to count them.
Read more
Exploitation
If you have ever dismissed a search order binary plant attack because the folder from where it takes place doesn’t allow for writes without elevation?
Read more