GraphQL APIs & Enumeration Basics
This blog post serves as an introduction to GraphQL. We will shine light on how the query language functions and some basic security considerations, as well as tools and techniques […]
How To
Find What Sparks Joy In Your Burp Suite Proxy History With Subtractive Scoping
Improving Quality-Of-Life With Simple Burp Suite Extensions (Part Two) The “right tool for the job” isn’t always the perfect tool for the job, and if you have been using Burp […]
New Burp Suite Extension Blows Your SOCKS Off
Improving Quality-Of-Life With Simple Burp Suite Extensions (Part One) If you have been using Burp Suite for a while, you probably have some ideas for small features or tweaks to […]
OSINT Challenge: Gralhix Challenge 005
This blog will focus on solving an OSINT (Open-Source Intelligence) challenge put out by Sofia Santos (“Gralhix”), a very skilled OSINT practitioner and contributor at the Center for Information Resilience […]
Credential Dumping Protections: Part 2 – Bypass LSA Protection
Welcome to Part 2 of the Windows Credential Dumping Protection series! If you are completely unfamiliar with Credential Dumping or LSA Protection, please check out Part 1! What Is LSA […]
How To Become A Penetration Tester
This year, I gave a talk at GenCyber at the Alexandria Technical College in northern Minnesota. As an all-week camp hosted for middle and high schoolers, it was a great […]
Nuclei Plugin & Burp Suite – Template Creation Guide
What Is Nuclei? Nuclei is a powerful open-source vulnerability scanner written in Golang. Aside from its excellent performance, it is a highly customizable tool due to its integration with YAML […]
Basics Of Soldering: Guide For Tech Enthusiasts
In the realm of technology, soldering holds significant importance. Whether you’re working with electronic devices or constructing tech projects, having a solid foundation in soldering is essential. This comprehensive guide […]
Credential Dumping Protections: Part 1 – LSA Protection
What Is Credential Dumping? In a Windows environment, users authenticate to their machines (either locally or remotely) with their username and password. Behind the scenes, Windows hands off all authentication […]
Hashcat Quick Guide Techniques & Tips
Password Cracking has its own large methodology when it comes to targeted methods of cracking passwords. You can consider English and other language models, passphrases, 1337sp34k translations, case MoDiFCaTiOn, distributed […]