SensePost | Blog

Mail in the Middle – A tool to automate spear phishing campaigns

Reading time: ~15 min

Posted by Felipe Molina on 26 February 2024

Categories: Phishing, Tool, Typosquatting

Context In the chilly month of December 2023, my colleagues Jason (@BreakerOfSigns), Szymon (@TH3_GOAT_FARM3R), and myself (@felmoltor) were on a...

Reading time: ~20 min

Posted by Rogan Dawes on 06 February 2024

Categories: Hardware, Mitm, Programming, Techniques, Tool

Sometimes you need to get in the way of a hardware device and its controller, and see what it has...

Reading time: ~30 min

Posted by Jacques Coertze on 24 January 2023

Categories: Post-exploitation, Research, Tool, Socks

On a recent internal assessment, we ran into a problem. While holding low-privileged access to an internal Windows host, we...

Reading time: ~10 min

Posted by Leon Jacobs on 08 February 2021

Categories: Docker, Tool, Attack, Pwn

Years ago I learnt docker basics because I just couldn’t get that $ruby_tool to install. The bits of progress I’d...

Reading time: ~6 min

Posted by Michael Kruger on 04 November 2020

Categories: Email, Python, Tool

Something I have found myself doing more and more often is using Exchange Web Services (EWS) to bypass 2FA. I...

Reading time: ~8 min

Posted by Michael Kruger on 25 June 2019

Categories: Defcon, Relay, Rogue-ap, Tool, Wifi

Back in 2018, I was interested that MSCHAPv2 and NTLMv1 hashes crack using the same algorithms, and wanting to get...

Reading time: ~4 min

Posted by stuart on 11 January 2016

Categories: Fun, Research, Tools, Maltego, Skype, Tool, Transforms

Collecting and performing Open Source Intelligence (OSINT) campaigns from a wide array of public sources means ensuring your sources contain...