Our Blog

using a cloud mac with a local ios device

Reading time: ~17 min
Doing iOS mobile assessments without macOS around is not exactly fun. This can be for many reasons that include code...

MAPI over HTTP and Mailrule Pwnage

Reading time: ~8 min
History In December 2015 Silent Break Security wrote about “Malicious Outlook Rules” and using these to get a remote shell....

Hacking by Numbers – The mobile edition

Reading time: ~3 min
West Coast in the house, well actually more like an African visiting Seattle for Blackhat’s West Coast Trainings. We’ve had...

Your first mobile assessment

Reading time: ~3 min
Monday morning, raring for a week of pwnage and you see you’ve just been handed a new assessment, awesome. The...

Windows Domain Privilege Escalation : Implementing PSLoggedOn in Metasploit (+ a bonus history module)

Reading time: ~3 min
There are multiple paths one could take to getting Domain Admin on a Microsoft Windows Active Directory Domain. One common...

CREST South Africa? Let’s talk…

Reading time: ~1 min
First, some background on CREST in the form of  blatant plagiarism… CREST – The Council for Registered Ethical Security Testers...

Pentesting in the spotlight – a view

Reading time: ~9 min
As 44Con 2012 starts to gain momentum (we’ll be there again this time around) I was perusing some of the talks...