Home

Finding Jank, doing better penetration tests

2023-07-07 :: f3rn0s
#Creativity  #Rant  #Penetration Testing 
Why do I keep finding weird stuff?
→

Why you should be using reverse SOCKS

2023-05-18 :: f3rn0s
#SocksOverRDP  #ReverseSocks5  #Red Teaming 
Using Reverse SOCKS to punch a hole into private networks
→

Intro to Kubernetes (Security)

2023-02-18 :: f3rn0s
#Kubernetes  #Kubernetes Goat  #Vagrant  #Ansible 
Come down the rabbit hole 🕳 (one of us, one of us, one of us)
→

Msldap in Emergencies

2023-02-18 :: f3rn0s
#Active Directory  #LDAP  #Oh no everything is broken 
When everything goes wrong with your tools, but you still want to hack Active Directory
→

Exploiting VSphere credentials in 2023

2023-02-16 :: f3rn0s
#Active Directory  #VSphere  #Volatility 
Abusing VSphere Credentials without SharpSphere
→

Lateral movement inside a Kubernetes Cluster

2023-01-23 :: f3rn0s
#Kubernetes  #Cluster Pivoting 
Pivoting off a semi-privileged service account within a cluster
→

GoldenSAML in 2023

2022-12-19 :: f3rn0s
#Active Directory  #GoldenSAML  #ADFS  #Docker 
So you want to do a GoldenSAML attack but all the tools are broken 😎
→

Using a Leaked Kubernetes Config

2022-12-17 :: f3rn0s
#Kubernetes  #kubectl basics  #kubectl config  #kubectl contexts 
Performing a smash and grab using a leaked Kubernetes config
→

Kubernetes Pivot Off Service Token

2022-12-17 :: f3rn0s
#Kubernetes  #Service Accounts  #Dangerous Defaults  #kubectl 
AutomountServiceAccountToken is a dangerous default
→
© 2023 Powered by Hugo :: Theme made by panr