Saturday, Sep 5th, 2015

mauvehed came down from Austin to give us an AHA! lesson and show us some physical security stuff. Sciatic demoed some TPM items in Windows I showed some ways to roll your own OTP system without Azure Rights Management (see: https://github.com/angelovescio/arms and http://theytookmyinterwebs.blogspot.com/2015/08/you-down-with-otp-you-know-me-how-to.html) Also, we moved the SAHA! schedule so pay attention to the dates […]

Tuesday, Jul 7th, 2015
Blog Roll Updated
by Angelo Plus+

Here are the SAHA!-affiliated blogs: https://scriptjunkie.us

Friday, Mar 6th, 2015
Extract NTDS.dit hashes
by Angelo Plus+

Go to this page to extract all the info you need to start cracking dem hashes. http://ntdsd.it/

Wednesday, Dec 17th, 2014

This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters Show hidden characters extern crate getopts; extern crate redis; extern crate time; use redis::RedisResult; use redis::Value as RV; use […]

Thursday, Sep 11th, 2014

As pointed out in https://twitter.com/grsecurity/status/508354758940581888, there is some new fun in overwriting running executables in the upcoming Ubuntu release. It’s a kernel thing, so other distros are affected, but I’m going with the old standby Ubuntu. (thank you, sadbox for the inotify stuff) I’m just going to post findings, because they mostly speak for themselves. […]

Thursday, Mar 27th, 2014

http://cybernigma.blogspot.com/2014/03/using-sspap-lsass-proxy-to-mitigate.html NOTE: mitigate means to lessen or make less severe, not solve or completely get rid of. Please, see the definition at the top of the post.