ZephrSec - Adventures In Information Security (Page 2)

Sign in Subscribe

Certified Red Team Operator (CRTO) - Red Team Ops I Review

redteam Featured

Certified Red Team Operator (CRTO) - Red Team Ops I Review

TL;DR I passed! & The course was great!

2020 - A year of Ups and Downs

2020 - A year of Ups and Downs

This year has been interesting to say the least, a lot has happened and it has been full of great moments but equally upsetting and downer moments.

Learning The [Defence] Ropes 101 - Splunk Setup & Config

Learning The [Defence] Ropes 101 - Splunk Setup & Config

As an attacker I come across Splunk a lot but I've never deployed it. This blog post will deep dive into deploying it and querying the back end!

My First 2020 [NonTroll] CVE - DLL Hijacking in NVIDIA System Management Interface (SMI)

My First 2020 [NonTroll] CVE - DLL Hijacking in NVIDIA System Management Interface (SMI)

NVIDIA System Management Interface is vulnerable to DLL search order hijacking whereby an attacker can leverage execution to establish persistence on a machine using a malicious DLL file.

ZeroLogon(CVE-2020-1472) - Attacking & Defending

ZeroLogon(CVE-2020-1472) - Attacking & Defending

A handy walkthrough of CVE-2020-1472 from both a red and blue team perspective, how to detect, patch and hack ZeroLogon

Developing An Effective Security Program

informationsecurity

Developing An Effective Security Program

This post comes off the back of a series of tweets I made one morning, I decided that after a long thread it was probably better to combine into one post. So here it is folks. If you want to deploy a proper security program there are some key basics

WTF is Rainbow Teaming?

redteam Featured

WTF is Rainbow Teaming?

Alternative Title: 50 Shades of Teams Red Team, Blue Team, Purple Team, Black Team… Rainbow team? What are all of these things and what do they all mean? Is this a new case of a new found buzzword bingo or do they have a place and a purpose? The coloured

HoneyPoC: The fallout data after I trolled the Internet...

Research Featured

HoneyPoC: The fallout data after I trolled the Internet...

Following on from a pretty funny post, comes some raw data analysis for the data nerds out there. CVE-2020-1350 honeypoc fallout!

The Day I Trolled The Entire Internet: An Accidental Research Project on CVE-2020-1350

The Day I Trolled The Entire Internet: An Accidental Research Project on CVE-2020-1350

What do you get if you create a binary, a few bash scripts, a README and excellent timing? CVE-2020-1350

WeegieCast is Progressing

Weegiecast Featured

WeegieCast is Progressing

David Manuel [https://twitter.com/fuzz_sh ] and Andy Gill [https://twitter.com/ZephrFish] present WeegieCast 100% NSFW with some episodes. We've made it to 12 episodes so far go check them out https://blog.zsec.uk/dave-andys-weegiecast/ [https://blog.zsec.uk/dave-andys-weegiecast/] We have a few more guests lined

Hack The Box Struggle Throughs

Hack The Box Struggle Throughs

I've been streaming on twitch and uploading to YouTube shortly afterward, therefore here are the first two episodes, I'll update this post as and when I do more machines!

Roasting your way to DA - Build-Break-Defend-Fix

redteam Featured

Roasting your way to DA - Build-Break-Defend-Fix

Dive into both Kerberoasting and ASREP Roasting, looking at how they work, how to introduce them into an environment and how to fix them or where possible monitor and defend against them.

Quick Post: ESXi and Unifi

Quick Post: ESXi and Unifi

As an insomniac I often decide to do mad things at 4am... This time I decided to re-architect my lab network, why do I need to be nocturnally productive. Here's a short post on what I did to do it so you can achieve the same or similar. Note this

Build, Attack, Defend, Fix – Paving the way to DA

Build, Attack, Defend, Fix – Paving the way to DA

While most of us in the world of offensive security love getting domain administrator (DA) when doing assessments. How many of you know how the issue occurs, how to defend against it and how to properly remediate it?

LTR101: Writing or Receiving Your First Pentest Report

ltr101 Featured

LTR101: Writing or Receiving Your First Pentest Report

A penetration test report is more often tailored to multiple reading groups and as a result needs to be broken down into multiple sections for easier digestion by the business.

Mail Technologies(DKIM & DMARC) - Part 2

phishing Featured

Mail Technologies(DKIM & DMARC) - Part 2

Mail technologies(SPF, DKIM and DMARC) are important to understand from all sides. This post dives into DKIM and DMARC.

Mail Security - SPF - WTF

ltr101 Featured

Mail Security - SPF - WTF

Mail technologies(SPF, DKIM and DMARC) are important to understand from all sides.

Focus RS 2016 - Some Light Aesthetic Car Hacking

carhacking Featured

Focus RS 2016 - Some Light Aesthetic Car Hacking

Car hacking with Ford ForScan, adding SYNC3 changes and 5th Driving mode to 2016 Focus RS.

So You Want to Learn [Red] Teaming?

redteam Featured

So You Want to Learn [Red] Teaming?

Red Teaming is something that takes a bit of experience to actually nail, it's not something you expect to walk into after doing a four year uni course or something to pick up with little to no actual security experience.

DNS - Setting the Record Straight

ltr101 Featured

DNS - Setting the Record Straight

The domain name systems, more commonly referred to as DNS is essentially a phone book of the Internet. Ler's take a deep dive into DNS.

Bloodhound 2.2 - A Tool for Many Tradecrafts

redteam Featured

Bloodhound 2.2 - A Tool for Many Tradecrafts

Bloodhound is a tool for enumeration of an active directory environment. It maps out relationships between active directory objects and is useful for Pentesting and Red Teaming.

Surviving in the Ring: Expanding Your Horizons

ltr101 Featured

Surviving in the Ring: Expanding Your Horizons

Before We Dive in, thank you to each and every single person who has read, downloaded, purchased, shared and even copied my book! Following the success of my first book, it has been well received far and wide expanding the knowledge of individuals and allowing them to understand the basics

Mental Health and Security

NotHacking Featured

Mental Health and Security

Mental health and mental wellbeing is very important and is often overlooked in the security industry. This post discusses the four most common issues and proposes some solutions.

Leveraging Expression Language Injection (EL/OGNL Injection) for RCE

bugbounty Featured

Leveraging Expression Language Injection (EL/OGNL Injection) for RCE

Expression Language injection or EL Injection for short is an attack vector I'd never heard of until recently. This post talks about leveraging EL for RCE.

NMAP Tips: RTFM?

ltr101 Featured

NMAP Tips: RTFM?

NMAP TL;DR It's a tool used for portscanning and this post will explore some of the common and useful flags that can be used while scanning to pick up usful information about targets. What Is NMAP? Nmap or Network mapper is an open source tool for network discovery and

window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'G-90NCC2R7PE');