So then Server 2016 is on its way and we’re currently getting the option to download Server Technical Preview 2.

So after an install the first thing you’ll notice is that there is no GUI, no it’s not broke, this is the route that Microsoft are pursuing with their Server line. It’s not a problem though, a simple few clicks and before you know it you’ll have a Desktop OS… Continue reading

So I was on a locked down Linux system this week with the inability to import any tools and I had to prove that strings could be identified in memory of certain processes.

Fortunately CentOS was installed which had gdb along with it so I took to writing a script to automate this work for me. (I had to test the processes in a number of different scenarios)

Basically the… Continue reading

So I decided to write a simple python port scanner but I wanted it to support to TCP, UDP, port ranges (22,23,135-139,443,445,3389 etc) and IP ranges(192.168.0.1/24, 192.168.10-20, example.com)

I also wanted to limit the libraries I used for use on locked down systems, thus, we only use socket, sys and argparse.

The first thing to do was get the code working for a single host and then slowly add bits… Continue reading

So it grinds my gears that every time I do a pentest I end up reporting the same sh!t every time. You’d think before I turn up you’d at least patch your kit, but nope!

Here’s a little Top 5 for sysadmins, project managers and security controllers to consider doing before I break their kit. And this relates specifically to infrastructure kit, if it’s a web application that I’m testing… Continue reading

So it grinds my gears that every time I do a pentest I end up reporting the same sh!t every time. You’d think before I turn up you’d at least patch your kit, but nope!

Here’s a little Top 5 for web developers to consider doing before I break their kit. If you also want to look after your kit the application is hosted on I suggest you read this… Continue reading