Our Blog
(local) AutoResponder
Reading time:
~1 min
Posted
by Paul
on
11 December 2015
When doing internals, usually an easy first step is to use Responder and wait to retrieve NTLM hashes, cracking them and...
AutoDane at BSides Cape Town
Reading time:
~6 min
Posted
by Dane Goodwin
on
07 December 2015
Given the prevalence of Microsoft Active Directory domains as the primary means of managing large corporate networks both globally and...
Into The Cloud
Reading time:
~12 min
Posted
by etienne
on
25 November 2015
SensePost Training in the Cloud Picture this. Every year, a group of Plakkers (our nickname for those who work at...
Wadi Fuzzer
Reading time:
~18 min
Posted
by saif
on
23 October 2015
“Operating system facilities, such as the kernel and utility programs, are typically assumed to be reliable. In our recent experiments,...
Abusing File Converters
Reading time:
~3 min
Posted
by etienne
on
01 October 2015
Every now and then you run into a new file format and you find that you may not have a...
Hi Jack!
Reading time:
~2 min
Posted
by chris
on
08 September 2015
No, this post is not about a Leon Schuster comedic skit from the early 90’s, YouTube reference here -> https://www.youtube.com/watch?v=JzoUBvdEk1k To...
[Another] Intercepting Proxy
Reading time:
~6 min
Posted
by etienne
on
03 September 2015
But, Websockets! The last week I was stuck on a web-app assessment where everything was new-age HTML5, with AngularJS and...
WiFi De-authentication Rifle:
Reading time:
~5 min
Posted
by saif
on
13 July 2015
Wireless: it’s everywhere these days and yet owning it never gets boring. As part of our annual SensePost hackathon, where...
Mobile Application Bootcamp – Journeyman Level – Black Hat Vegas 2015
Reading time:
~2 min
Posted
by Paul
on
12 June 2015
Mobile Course, O RLY? The mobile app market, and app usage, grew 76% in 2014 [1]. From shopping, utilities, productivity...
Running sslscan on 5k servers taken from Alexa’s top 10k
Reading time:
~1 min
Posted
by Paul
on
09 June 2015
Transport layer security has had a rough ride recently, with a number of vulnerabilities being reported. At a time when...
We need you to analyse the threats
Reading time:
~1 min
Posted
by adam
on
05 May 2015
Our Intelligence service team is growing and we are looking for a Threat Analyst to join us. Not only is...
Maltego Webinar Series: Episode 01, Introduction
Reading time:
Less than a minute
Posted
by glenn
on
20 April 2015
Hello Internet, We’re going to be hosting monthly Maltego webinar sessions, and our first one is this Friday (24th April)!...
Lovely Pwnies – Twitter Monitor
Reading time:
Less than a minute
Posted
by glenn
on
10 April 2015
Recently there were revelations about a GHCQ initiative called ‘Lovely Horses’ to monitor certain hackers’ Twitter handles. The guys over...
Break the Web at BlackHat Singapore
Reading time:
~2 min
Posted
by sara
on
09 March 2015
Web application security training in 2015? It’s a valid question we get asked sometimes. With the amount of books available...
SensePost Training
Reading time:
~3 min
Posted
by daniel
on
04 March 2015
Over those years, we’ve trained thousands of students in the art of offensive and defensive security through our Hacking by...
Improvements in Rogue AP attacks – MANA 1/2
Reading time:
~9 min
Posted
by Dominic White
on
23 February 2015
At Defcon 22 we presented several improvements in wifi rogue access point attacks. We entitled the talk “Manna from heaven”...
Commercial Snoopy Launch! [ ShadowLightly ]
Reading time:
~1 min
Posted
by glenn
on
16 January 2015
Hello world! We’ve been busy squireling away on a much requested project – a commercial Snoopy offering. We’ve called it...