Our Blog

MAPI over HTTP and Mailrule Pwnage

Reading time: ~8 min
Posted by etienne on 01 September 2016
Categories: Pentest, Powershell, Reversing, Tools
History In December 2015 Silent Break Security wrote about “Malicious Outlook Rules” and using these to get a remote shell....

Hacking by Numbers – The mobile edition

Reading time: ~3 min
Posted by etienne on 19 August 2013
Categories: Mobile, Pentest, Training
West Coast in the house, well actually more like an African visiting Seattle for Blackhat’s West Coast Trainings. We’ve had...

Your first mobile assessment

Reading time: ~3 min
Posted by etienne on 20 May 2013
Categories: Mobile, Pentest, Training
Monday morning, raring for a week of pwnage and you see you’ve just been handed a new assessment, awesome. The...

Windows Domain Privilege Escalation : Implementing PSLoggedOn in Metasploit (+ a bonus history module)

Reading time: ~3 min
Posted by etienne on 22 April 2013
Categories: Howto, Metasploit, Pentest, Programming
There are multiple paths one could take to getting Domain Admin on a Microsoft Windows Active Directory Domain. One common...

CREST South Africa? Let’s talk…

Reading time: ~1 min
Posted by Charl van der Walt on 09 May 2012
Categories: .za, Community, Conferences, Pentest, Crest
First, some background on CREST in the form of  blatant plagiarism… CREST – The Council for Registered Ethical Security Testers...

Pentesting in the spotlight – a view

Reading time: ~9 min
Posted by Charl van der Walt on 07 May 2012
Categories: Conferences, Pentest, Presentations, Threat modelling
As 44Con 2012 starts to gain momentum (we’ll be there again this time around) I was perusing some of the talks...