Introducing Dumpscan

A convenient tool for extracting secrets from memory dumps

Bypassing Python3.8 Audit Hooks

First of all, if you think you’re being cool and edgy by still using Python2.7, I’m gonna need you to unthink that ASAP. Python2.7 is reaching end-of-life very soon and we should all be moving on up…to the 3 side…and finally get async with that Py. That joke might go over a lot of heads. Anyway, this post is likely to be the first in a multi-part series of talking about a new feature that is coming in Python 3....

BeaconGraph v0.69 Released

Why from v0.2 to v0.69? Cause I’m immature AF and it probably made you want to read this blog post. Back in October 2018, I released a tool called BeaconGraph after attending the SANS SEC617: Wireless Penetration Testing and Ethical Hacking course taught by James Vidal. I released a PoC of BeaconGraph after I realized that airgraph-ng could use a more modern look. However, that version of BeaconGraph was not very user-friendly, as it was more of a Proof-of-Concept than a usuable tool....

Pentesting With IronPython

After digging into IronPython more with the intent to create more modules for SILENTTRINITY, I decided I would release some of the other tools I’ve been working on. As Python is more my speed than C# and PowerShell currently are, I decided I would get more practice learning my way around the .NET Framework by converting C#/PowerShell scripts into IronPython to determine the limits of the language, if any. The best part is that since these tools primarily use the ....

SILENTTRINITY and the Python of Iron

A few weeks ago right after DerbyCon (which I wasn’t able to attend), I heard about a new post-exploitation tool called SILENTTRINITY by byt3bl33d3r, a tool developer with a l33t name with some pretty l33t tools (…I’ll stop now) such as CrackMapExec and DeathStar. This project is unique in that it utilizes Python, IronPython, and C#/.NET in order to perform post-exploitation activities similar to other frameworks such as Empire. The benefits of using a C#/....

Beacongraph v0.2 Released

Last week, I released a tool called BeaconGraph aimed at supporting wireless auditing. As of this post, v0.2 has been released with some pretty big improvements over the initial release and can be found by clicking the logo below. I’ll start by saying that I’m not a wireless engineer or auditor by any means. I’ve never even been a network engineer or a network administrator for anything more than 10 clients/servers....