Our Blog

Our news

All you need to know

A new look at null sessions and user enumeration

Reading time: ~23 min
Hello, TLDR; I think I found three new ways to do user enumeration on Windows domain controllers, and I wrote...

Cracking Efficiency Measurements & Common Substring Attack

Reading time: ~5 min
This was an epic week for password cracking, we had lots of new hashes and lots of competition to see...

Linux Heap Exploitation Intro Series: Set you free() – part 1

Reading time: ~15 min
Intro (part 1) Hello and welcome to the final post of our Intro to exploitation series! We have learned the basics...

tip toeing past android 7’s network security configuration

Reading time: ~5 min
In late Jan, someone opened an Github issue in the objection repository about Android 7’s Network Security Configuration. The issue...

Fixing up Net-Creds

Reading time: ~6 min
TL; DR: I fixed-up net-creds and MITMf to solve the CHALLENGE NOT FOUND bug. A while back on an internal...