I created a little web app useful for looking up the User Account Control values displayed in a standard LDAP query from Active Directory. Most of the time this integer is obscured from the viewer ...
User Account Control Lookup
Cracking Easy Crypto
On any given CTF where crypto is involved, I almost always see basically the same challenge every time. You are given a background on how you’ve intercepted the encryption oracle, but not the decry...
Bit Flipping
Bit flipping is another one of those magical attack techniques that a lot of people seem to want to write off as “I think there’s a tool that does that automatically for you.” And yeah I’m sure the...
PyNigma, and How I Made It
I’ve said this before through various iterations, but some people work on cars, some build models, I write code to imitate an old cipher device from World War II. While I’ve named this code “PyNigm...
Mersenne Twister Predictor In Action
In a previous post, I explained the very broad mechanism of what to do to predict the Mersenne Twister pseudo-random number generator. I only posted the functions but never actually showed them in ...
Pseudo Random Number Generators (and why you should tread lightly)
I’ve always had some sort of weird nerdy interest in pseudo-random number generators. How is it that a computer, an object based solely on a deterministic approach to everything, can generate a num...
PExpect, the Forgotten Module
The title may be a bit exaggerated, but to be perfectly honest I feel that PExpect, the Python version of standard old Expect, is hardly ever mentioned in the many Infosec personalities I follow wh...
My Advanced Bash Cheat Sheet
Here are some of the more “advanced” concepts of using Bash. This has more of a pentesting lean, since that’s kind of what I do. Still though, I’m sure a lot of people could take something out of t...
My Bash Cheat Sheet
I use bash a lot. Say what you will of it, it’s a powerful shell. Sure I keep hearing that zsh is so much better, but I come from a system administrator background, so…while I think Zsh is neat to ...
Openssl
OpenSSL is one of those applications that I use so often, but rarely do I ever recall what I’m supposed to do from memory. I’m always looking it up or eventually copying down some of the more frequ...