Here at Orange Cyberdefense, clients often ask us to test and help secure their infrastructure. We do this a lot. We test clients, we test ourselves, and we set up labs to test new ideas and tools. We’ve become quite good at this, if we say so ourselves, and would love to share some of the lessons we’ve learned along the way with anyone that would be interested. That’s what our Enterprise Infrastructure Hacking course is all about: it’s our way of sharing what we’ve learned with you.
Laptop hardening is difficult at the best of times, and it’s made worse by the conflicting requirements we have for our workstations. With one laptop, we need to have work email and chat set up, we need to be able to spin up lab environments to test cool stuff we’re interested in, and we need to be able to run various tools on client engagements that may require us to lower the security of our laptop to run properly. The go-to solution to squaring these requirements is to use something like VMware or Docker containers to keep things separate, but after trying out Qubes for a while, I’ve found that it’s improved my workflow significantly. However, no Linux setup is perfect out of the box, and in this post I want to note the biggest changes I’ve made to make the OS more usable as a daily driver.
I’ve been fascinated by SDR and everything you can do with it for a long time, and from a pentester’s perspective, I thought it would be awesome to be able to fuzz random devices. RF devices are everywhere, and people have used SDR to mess with lots of devices, such as portable traffic lights, weather stations, and older car key fobs.
The thing is, getting started is much harder than I thought it would be, as most tutorials are ambiguous or much more manual than I’d like. There are lots of tutorials that describe how to find and view an RF signal, but they tend to end up with you counting square waves in Audacity and writing custom scripts to decode the bits you manually wrote down.
When assessing web applications, we typically look for vulnerabilities such as SQLi and XSS, which are generally a result of poor input validation. However, logical input validation is just as important, and you can get tons of interesting info if it’s not done properly.
Take the plethora of mobile apps that let you find people that are using the same app nearby. Logical validation on the coordinates you send should check that
Given the prevalence of Microsoft Active Directory domains as the primary means of managing large corporate networks, both globally and in South Africa specifically, one of the common first goals of many internal penetration tests is to get Domain Administrator (DA) level access. To assist with this, a plethora of tools and techniques exist, from the initial “in” through to elevation of privilege and eventually extracting and cracking all domain credentials.