Security Consultant

The nullsploit engine is a work in progress exploitation framework. Currently only a limited number of exploits are available, but these should be stable across multiple Windows installations. Features currently…

Symantec Encryption Manager Server

June 7, 2016

Advisories

During a security assessment back in 2015 I came across a fully patched Symantec Encryption Management Server appliance. This product provides secure messaging both between users of the organization and…

conscan updated

June 7, 2014

Its been a while since an update to conscan has been made since it’s initial release last October. The new update introduces two new features: Username disclosureSingle threaded account brute-forcing…

BSides London Exploit Development

May 4, 2014

Blog

BSides London 2014 last week was my first attempt at teaching an exploit development class a group of people which I had never met before. On the whole, the hands…

conscan – Concrete5 CMS Vulnerability Scanner

October 26, 2013

Over the last year, I have been performing penetrative application tests, and there is a huge variety of different CMS frameworks available to businesses. One of the frameworks I have…

DEXs PM System Plugin Vulnerability

October 14, 2013

Advisories

Release Date 14 October 2013 Vendor Sam Brishes – http://www.pytes.net/ Affected Product Dexs PM System WordPress Plugin Version 1.0.1 Vulnerability Class Persistent tCross-Site Scripting Vulnerability Details The Dexs PM System…

SSL Private Key Password Cracker

August 31, 2013

Following a recent pentest I performed for a client I stumbled upon their private SSL certificate. The SSL key was password encrypted, thus could not be used directly without knowing…

Automated HTTP Enumeration

April 15, 2013

A tool I’ve been writing to enumerate the enabled HTTP methods supported on a webserver. Currently only in the initial beta stage, but includes basic checking of files including the…

Bypassing ASLR (Address Space Layout Randomization)

April 15, 2012

Whitepapers