Common Exploits - Exploitation Tools & Techniques For Penetration Testers

4th April 2017

Armadillo Sec Launches

Commonexploits has launched a new cyber security and training company, offering penetration testing, cyber security consultancy, IT health checks, Cloud based assessments and more. Our website and services: Our promotional video: Why are we called Armadillo?

0
6
0
0
0
6shares

Read

12th February 2017

Website Refresh

The commonexploits.com website was looking a bit old and dated. So we have dusted off the cobwebs and given it a lick of paint. It should now be easier to find tools etc.Stayed tuned for new posts.

0
5
0
0
0
5shares

Read

19th September 2016

44Con Conference

I gave a 45 minute presentation with live demos on VLAN hopping at 44Con.

12
2
0
0
0
14shares

Read

4th July 2014

Pen Testing Scripts

It has been a long time since I have posted on the blog, I have been very busy! I have created quite a few new scripts over the last year that I have finally shared and also have updated a few. These typically are scripts I have made for specific jobs I have been to […]

0
1
0
3
95
99shares

Read

17th May 2013

ICMP Shell Fun

Every now and then you will be onsite and find a locked down environment and no outbound internet access or DNS from the client systems, but the client systems can ping outbound to the internet. I haven’t up until now needed to do much with ICMP on jobs, as normally there are other ways out. But on a recent internal job […]

0
2
0
0
0
2shares

Read

7th May 2013

AV0id – Anti-Virus Bypass Metasploit Payload Generator Script

Introducing a simple script I have created to bypass most Anti-Virus products. This script is based on scripts I used whilst attempted to avoid A.V, credit to all authors of the mentioned scripts below for their research and work. This was just a very quick script I put together to make life a bit easier. […]

0
1
0
0
4
5shares

Read

9th January 2013

Ipad Extra Screen

Whilst working onsite today I was rather jealous of a colleague who had a nice fold flat USB external LCD for his laptop. It is always tricky when onsite and have multiple windows open or reading/writing reports etc so this looked like a great idea. I thought I will order one of those, then I remembered I […]

0
1
0
1
0
2shares

Read

19th December 2012

LazyMap – Lazy Nmap Scanning Script

Introducing LazyMap, a new script I have been working on. What does it do? It is simply a bash script that automates the NMAP tool to assist with internal network scans. Why use it? For anyone who has worked in a cold data centre will appreciate that running NMAP over many VLANs with cold hands […]

0
2
1
0
0
3shares

Read

18th December 2012

Mobile Phone Signal Boost – Three

A non security related post, but it might help others. I am currently with the Three network provider for my phone. I get a good 3G signal, but really struggle with signal in my house for txts and calls. Normally I will either have 1 signal bar or no signal at all. I was aware […]

0
1
0
0
0
1shares

Read

15th September 2012

Unquoted Service Paths

I have been playing with unquoted service paths/trusted paths the last few days and thought would write something up. Credit to Gavin Jones who introduced me to this issue, which to be honest I hadn’t heard of before and I normally only checked cacls and permissions of services. What is the issue? Basically it is related to the path […]

7
1
0
0
13
21shares

Read