I have just finished the new Metasploit: The Penetration Tester’s Guide book and thought would share my thoughts on this. I am not really a big fan of reading books, I tend to play about and work things out myself but I had to order this book the second I see it as Metasploit is a […]
Common Exploits Goes Mobile!

Yes you can now view common exploits with ease on your smart phone devices. It will auto detect and display a much more friendly version to your mobile device. Most pen testers are often travelling over the place to clients and a perfect way to view on your mobile. Hope you like it.
Armitage – Metasploit Free Management GUI

I came across something very cool today for Metasploit. Armitage has released a very nice gui management system to control Metasploit and make life easier to manage to exploit systems. Although I like to use non gui products, this is really something good and is like an open source Core Impact style system. It allows […]
Impersonating The Domain Administrator via SQL Server

A recent presentation I gave for 7Safe. It demonstrates how it is possible to fully compromise the domain using a fully patched Microsoft SQL server that has a firewall enabled. Using the SQL server I impersonate the domain administrator account without any passwords or password hashes being known or extracted. It also demonstrates the risk […]