Internet Enumeration and Discovery – Know Your Network Footprint

One of a company’s most important responsibilities is to know its network footprint. Many large corporations are compartmentalized, and different groups have different responsibilities that rarely overlap. It’s not uncommon for a company to have multiple class-C IP address ranges, along with third-party hosted websites, and not really realize they exist within the organization’s assets. … More Internet Enumeration and Discovery – Know Your Network Footprint

Who’s Slide Is It Anyway

Here are some presentations that I made for “Who’s Slide Is It Anyway”, “Slideshow Karaoke”, “Slideshow Roulette”, or whatever else you want to call it. They are pretty random, and a fun play on popular topics and buzzwords within the #InfoSec community. They are meant to be fun and technically inaccurate on purpose, and in … More Who’s Slide Is It Anyway

Make an Incomplete Nmap .xml File Usable Again

Make an Incomplete Nmap Scan .xml File Usable for Rawr and Other Applications That Accept .csv File-types This is a very non-technical how-to for newcomers who have found themselves in a situation where for some reason or another, their Nmap scan wasn’t able to complete. This can be a problem when you were planning on feeding … More Make an Incomplete Nmap .xml File Usable Again

Proxmark3 Resources

Resource to flash the Proxmark3 from the standard HF mode, to LF mode: https://legacysecuritygroup.com/index.php/projects/categories/9-rfid/7-proxmark-3-emulating-hid-tags-in-standalone-mode WINDOWS Download the github proxmark3 standalone LF emulator Master by Corey Harding —https://github.com/exploitagency/github-proxmark3-standalone-lf-emulator Run Easy Flash Utility for Windows .bat This tool is handy for reflashing your Proxmark3 for whatever you need it for Reference: https://www.youtube.com/watch?v=06DgTuJcMQ8 Plug in your Proxmark3 and … More Proxmark3 Resources

OSINT Resources

Here, we are going to document useful tools we utilize during the Open-Source Intellignce (OSINT) phase of our assessments. Feel free to send suggestions of tools/websites that you like to use as well. https://start.me/p/ELXoK8/bellingcat-osint-landscape A wealth of links broken down into different categories. Highly recommended! http://osintframework.com/ Excellent starting point! A well-maintained repository of well-known OSINT … More OSINT Resources

InfoSec Nashville

I had a great time speaking at the InfoSec Nashville event! This was my first time attending, and it’s certainly a well-ran conference. It was awesome of them to give my wife and daughter a badge as well, so that they could attend. I presented “Security Guards — LOL!”, and received some very positive feedback. … More InfoSec Nashville

DerbyCon 2017

What a blast this year! As always, DerbyCon was a huge success. Paul Oakenfold was great, DualCore always keeps it real, Busta is…well… and a big shout out to Dave Kennedy and team for putting together one of our favorite cons. On a sad and serious note, the community lost a dear friend to a … More DerbyCon 2017