S3 Buckets for Good and Evil

Amazon’s S3 buckets have been a hot topic lately and are worth taking a look at from both a red and blue perspective. Just last week, poor S3 bucket access control management has led to Verizon exposing approximately 14 million customer records, including customer service PINs. Just before that, a GOP analytics firm exposed 198…

Kraken: Web Interface Survey Tool

Introduction BLUF: Kraken is a web interface survey tool for offensive and defensive purposes that will screenshot and catalog web interfaces found through scanning. It can be found on my Github, which includes a wiki with detailed setup and usage information.   Evaluating web interfaces during a penetration test is, arguably, the biggest pain point…

Creeping on Users with WMI Events: Introducing PowerLurk

Introduction and Intent Since watching FireEye FLARE’s ‘WhyMI So Sexy?‘ at Derbycon last September, I have wanted to better understand WMI Events and apply them to offensive security operations. I saw the potential, but my comprehension was lacking and a comprehensive offensive WMI toolset did not exist. I was recently taken to school on WMI…

Getting Started: Powershell Empire

I decided to take some screenshots of Powershell Empire today while performing payload analysis. Below is a quick, down and dirty, walkthrough to get you going with Powershell Empire. Keep in mind I have only looked at the slideshow at this point. I really like the idea of using these instead of Meterpreter due to…