JavaScript Object Notation with Padding (JSONP) is a technique created by web developers to bypass the Same Origin Policy which enforced by browsers to prevent…
Just another hacking blog...
JavaScript Object Notation with Padding (JSONP) is a technique created by web developers to bypass the Same Origin Policy which enforced by browsers to prevent…
A common requirement on internal network assessments is to know the fully qualified Windows domain name of the network. This is trivial to obtain if…
LanManager is an obsolete hashing format used by older versions of Windows. It is extremely weak as it first splits the password into two 7…
Group Policy preferences were introduced by Microsoft in Windows 2008 allowing administrators to configure unmanaged settings (settings which the user can change) from a centrally…
On a recent Web application test I encountered a new challenge. The Web application presented a Web API intended to be used by a mobile…
When releasing tools, and proof of concepts, to the industry and more often to clients, I find I need to provide a standalone executable that can…
A recent project of mine called for optical character recognition. After a brief Google search and a personal recommendation I decided to use tesseract because it…
At the time of writing I am working on a tool that utilities rdpy. I encountered some problems installing it so I thought I’d document…
TLDR: Python script to automate the extraction of hashes from ntds.dit and system files. Available here : https://bitbucket.org/grimhacker/esedbxtract. During an internal Penetration Test, once I’ve…
I recently had need to interpret bitfields with Python. I’m quite happy with the 3 lines of code that I came up with so I thought…