Bypassing Anti-CSRF with Burp Suite Session Handling

Using Burp Suite to bypass anti-CSRF protections with the built-in Session Handling and Macro recorder.…

eLearnSecurity's Web Application Penetration Tester Review

My thoughts on eLearnSecurity's Web App Penetration Testing course.…

Bow Before the All Powerful CrackMapExec!!

CrackMapExec more commonly referenced as CME is a post-exploitation tool that helps automate assessing the security of Active Directory networks.…

Digging into DNS

Digging into DNS: how it works, how to get information from it, and how to utilize it during a penetration test.…

Visualizing Scans 2 - Dataiku

Using Dataiku DSS to generate graphs for reporting on pen tests.…