Our Blog
your contributions, today
Reading time:
~1 min
Posted
by Leon Jacobs
on
20 December 2023
Keynoting 0xcon in Johannesburg this year, I had the immense privilege of talking and sharing ideas about something that is...
Why defend harder won’t work in the long run and what to do instead – arrest criminals
Reading time:
~1 min
Posted
by Dominic White
on
12 December 2023
The whole of information/cyber security is founded on the idea that we can defend ourselves into security. But in the...
we’re going to bsides cape town 2023
Reading time:
~3 min
Posted
by Leon Jacobs
on
28 November 2023
Arguably one of the largest hacking conferences in South Africa, BSides Cape Town 2023 is around the corner and the...
P4wnP1 LTE updates
Reading time:
~11 min
Posted
by Rogan Dawes
on
27 October 2023
After publishing my blog post about running P4wnP1 on an LTE modem, where I explained how to install Linux and...
Reading Large Files and Perf
Reading time:
~4 min
Posted
by Dominic White
on
19 September 2023
One of the things that has often confused me is how little good advice there is for reading large files...
Dress Code – The Talk
Reading time:
~33 min
Posted
by Felipe Molina
on
23 August 2023
TL;DR This post is a summary of the contents of my talk in Defcon 31 AppSec Village last August 2023,...
Filter-Mute Operation: Investigating EDR Internal Communication
Reading time:
~21 min
Posted
by jeanpascal.thomas@orangecyberdefense.com
on
28 July 2023
For our annual internal hacker conference dubbed SenseCon in 2023, I decided to take a look at communication between a...
Orange Cyberdefense at Hacker Summer Camp
Reading time:
~3 min
Posted
by Szymon Ziolkowski
on
17 July 2023
It’s that time of year again where we head out to the desert, more specifically Las Vegas, for what is...
Browsers’ cache smuggling
Reading time:
~13 min
Posted
by aurelien.chalot@orangecyberdefense.com
on
10 July 2023
On red team engagements, I often use social engineering to get one of my client’s employees to run my malicious...
P4wnP1-LTE
Reading time:
~12 min
Posted
by Rogan Dawes
on
09 July 2023
I’ve written a couple of blog posts in the past in which I explain how to use Marcus Mengs’ truly...
select * from projectdiscovery join steampipe
Reading time:
~4 min
Posted
by Leon Jacobs
on
03 July 2023
Recently, I decided to take a look at Steampipe again. I like SQL and the structure it provides, and after...
an offensive look at docker desktop extensions
Reading time:
~39 min
Posted
by Leon Jacobs
on
30 May 2023
For our annual internal hacker conference dubbed SenseCon in 2023, I decided to take a quick look at Docker Desktop...
Investigating the Wink Hub 2
Reading time:
~15 min
Posted
by Rogan Dawes
on
26 May 2023
Rogan brought half of his hardware parts bin to the hackathon! Michael Rodger, Daniel Scragg, Isak van der Walt, Thulani...
hash-cracker – password cracking done effectively
Reading time:
~18 min
Posted
by Bart van Bodegom
on
05 April 2023
Intro I wrote a tool to help with cracking of hashes, today I finally decided to blog about it. The...
Protected Users: you thought you were safe uh?
Reading time:
~10 min
Posted
by aurelien.chalot@orangecyberdefense.com
on
31 March 2023
On the 31st of October 2022, a PR on CrackMapExec from Thomas Seigneuret (@Zblurx) was merged. This PR fixed Kerberos...
From BitLocker-Suspended to Virtual Machine
Reading time:
~6 min
Posted
by Reino Mostert
on
28 March 2023
On a recent red-team I was given a client laptop from which I was expected to simulate an insider-threat/employee laptop...
Decoding BlazorPack
Reading time:
~14 min
Posted
by Rogan Dawes
on
22 February 2023
TL;DR: I couldn’t make a custom BlazorPack editor work in Burp, so I used Mallet instead. From an indecipherable binary...
Jumping into SOCKS
Reading time:
~30 min
Posted
by Jacques Coertze
on
24 January 2023
On a recent internal assessment, we ran into a problem. While holding low-privileged access to an internal Windows host, we...