Force TLS in .NET
Versions before ASP.NET 4.7 default to making outbound connections using TLS 1.0. This is a real problem for security for many reasons. It's now been deprecated with many CVEs. Some of these vulnerabilities make TLS 1.0 vulnerable to man-in-the-middle attacks. A lot of APIs will not accept incoming requests from TLS 1.0 because of this.
TLS 1.0...
UFW VPN KillSwitch
This script will force all traffic through the tunneling adapter and deny traffic through Wi-Fi or ethernet.
https://gist.github.com/mrjamiebowman/b139da2092409054452c4b1249c0f787
Offensive .NET: theZoo
If you've never heard of theZoo and you're in the security space with some .NET development skills this is a real treat for you. The GitHub repository, "theZoo", is a collection of binaries and source code of captured and caged malware. Digging through this I found some .NET malware that you may want to study. Most of...
Docker for Pentesters
Docker is truly one of the most fascinating changes to come to software development over the last 10 years. While the concept of containerization has been around since 1979; starting with the advent of chroot. Docker has revolutionized how containerization works. Docker made it easy to not only use containers but downloading fully functional environments can be...
CTF: Kioptrix 3
This is another OSCP like VulnHub that was very fun to do. I didn't have any issues rooting this one and was able to do it rather quickly.You will get practice with:
nmapmetasploitmysql clientfile privilege escalation
Enumeration
I start off with an arp-scan to find the local machine... and it turns out that my box is 192.168.0.46. Let's get this...
Hardening ASP.NET Response Headers (Code)
A reliable way to harden your ASP.NET web application is to remove and skew the response headers via code. This will throw off automated scans that are performing banner grabbing in an attempt to identify vulnerabilities. There are ways to do this in IIS, however, performing this in code means it's applied everywhere that the...
Offensive .NET: C# Reverse Shell
https://www.youtube.com/watch?v=NqwpwusH6WU
Creating a .NET C# reverse shell that is undetectable is very easy. In this example, I'm going to use BankSecurity's reverse shell that I forked. This is a real basic reverse shell. Some of the more advanced code will be obfuscated and do some sort of process injection which would include shellcode.
I'll show you how...
Upgrading Firmware on a Ubiquiti Edgerouter Lite with SSH
The Ubiquiti Edgerouter Lite provides the ability to create a virtual LAN (vLAN) for $129 dollars. This is a quality VPN solution that was highly recommend from someone who owns a data center. Seriously... well worth the money.
Upgrading my router from firmware version 1.2 was difficult because there is a bug...
Docker: Parrot OS Security
In an effort to make Parrot OS Security more portable the creators have been experimenting with Docker. They have successfully ported an enormous amount of functionality into a Parrot OS Security Docker image. This will make running Parrot OS Security anywhere possible. Because this is running in a Linux container the graphical user tools will not...
SharpLocker
SharpLocker is a tool that helps hackers steal Windows credentials by popping up a fake Windows lock screen. All of the output is sent to the console which is works well with Cobalt Strike or Metasploit. This is a tool that can be injected into memory to avoid detection.
How to use SharpLocker with Metasploit
Suppose you have a foothold on...
