Why I didn't budget for a penetration test in 2024

BLUF Competing priorities, cost-consciousness, and lower-hanging security fruit were the reasons penetration didn’t make it into my AOP this year. I’m not in a highly regulated environment, though, so if regular penetration testing is a requirement, then your options are limited, but here are some things to consider. Analysis Each offensive security consultancy and penetration tester has their own methodlogy. Penetration testing isn’t guaranteed to find your most prevalent vulnerability, nor your most difficult, movie-plot security threat....

May 21, 2024 · 3 min · 570 words · Chris

Changing Direction

How my career is changing.

January 17, 2020 · 1 min · Chris

Public Bug Bounty Rules of Engagement

I share my experience and lessons learned from operating a public bug bounty.

April 9, 2019 · 2 min · Chris

A Lesson for Bug Bounty Researchers

I’m managing a bug bounty program that has shown tremendous benefit so far. Several findings have been extremely clever, and I’ve been fortunate enough to have good interactions with the vulnerability researchers. However, I’ve also had a few unsatisfactory interactions with researchers. This post is directed at Bug Bounty researchers that do not have much experience in corporate environments. I think a list of do’s and don’ts is appropriate for this breakdown....

October 20, 2017 · 4 min · Chris

RubberDucky Powershell Payload

On a recent engagement I supported the lead by developing a PowerShell payload for a RubberDucky. The gist is that it will run a handful of standard Windows commands and then e-mail the results to a specified address. It proved to be very helpful and I’ve included it below with comments: # Set execution policy to allow unrestricted script scope Set-ExecutionPolicy 'Unrestricted' -Scope CurrentUser -Confirm:$false #Create results file in current user's temp directory $results = $env:temp + '\results....

December 22, 2014 · 1 min · Chris

DerbyCon 4.0

Unfortunately, I didn’t arrive at the ballroom early enough to get seats, or even standing room, to see this talk in-person: Ed Skoudis: How To Give The Best Pen Test Of Your Life If you’re a Pen Tester, this talk is a must-see. Once you’ve finished that talk, check out John Strand’s excellent follow-up talk! After competing for Friday night, most of Saturday, and Sunday morning, I emerged as the 30th position (solo) out of the 120 teams competing in the CTF....

October 1, 2014 · 1 min · Chris

NetBIOS Name Spoofing and SMB

NBNS still works!

June 5, 2014 · 4 min · Chris

How to create a Metasploit module

Learn how to create a metasploit module

December 13, 2013 · 7 min · Chris

DNS Recon

Introductory methods for DNS reconnaissance.

November 22, 2013 · 6 min · Chris

Subdomain Enumeration

Techniques for performing subdomain enumeration information gathering.

October 7, 2013 · 3 min · Chris

Configure Your Environment

Customize your working environment to your liking

October 1, 2013 · 4 min · Chris

Reverse shell methods

Methods for obtaining reverse shells

September 30, 2013 · 3 min · Chris