Evading Antivirus with Better Meterpreter Payloads
Ever have meterpreter shells consistently fail? Anti-virus products may be causing your penetration tests to fall flat. By using unique encoded meterpreter shells you can avoid AV and elevate your penetration tests.
Tale of a Wormable Twitter XSS
This is a tale of how we found a wormable XSS on Twitter, and how we managed to fully bypass its CSP policy.
AWS Penetration Testing Part 2. S3, IAM, EC2
Unlike ACLs and bucket policies, IAM policies are targeted at IAM users/groups instead of S3 buckets and objects.
AWS Penetration Testing Part 1. S3 Buckets
Amazon Web Services (AWS) provides some of the most powerful and robust infrastructure for modern web applications.
The jQuery Security Model Explained
Wireless Penetration Testing Guide: Part 1 – Intro And Basics
Regardless if you work in Security, Compliance, IT, or management, it is a near 100% chance that you have encountered wireless networks in the enterprise before.