7 min
Metasploit
Hiding Metasploit Shellcode to Evade Windows Defender
Being on the offensive side in the security field, I personally have a lot of
respect for the researchers and engineers in the antivirus industry, and the
companies dedicated to investing so much in them. If malware development is a
cat-and-mouse game, then I would say that the industry creates some of the most
terrifying hunters. Penetration testers and red teamers suffer the most from
this while using Metasploit [http://4hko.drordi.com/products/metasploit/], which
forced me to look into how to
7 min
Haxmas
The Twelve Pains of Infosec
One of my favorite Christmas carols is the 12 Days of Christmas
[http://www.youtube.com/watch?v=oyEyMjdD2uk]. Back in the 90's, a satire of the
song came out in the form of the 12 Pains of Christmas
[http://www.youtube.com/watch?v=h4NlR5KQLQ8], which had me rolling on the floor
in laughter, and still does. Now that I am in information security, I decided it
is time for a new satire, maybe this will start a new tradition, and so I am
presenting, the 12 Pains of Infosec.
----------------------
5 min
Antivirus
Finding and Protecting mission-critical assets with ControlsInsight
ControlsInsight helps organizations measure how well critical security controls
are deployed and configured throughout the enterprise. Yet, as hard you may
try, it's extremely difficult to protect every asset on your network perfectly,
and it's often necessary to prioritize "misson-critical" assets that store
important or sensitive business data. Clearly, securing the laptop computer of
Sally, the chief financial officer, is much more important than securing Joe the
intern's laptop, which prob
8 min
Metasploit
The Odd Couple: Metasploit and Antivirus Solutions
I hear a lot of questions concerning antivirus evasion with Metasploit, so I'd
like to share some the information critical to understanding this problem. This
blog post is not designed to give you surefire antivirus (AV) evasion
techniques, but rather to help you understand the fundamentals of the issue.
A Quick Glossary
Before we begin, let's define a few terms. This will be important for
understanding some of the things we will discuss.
Payload: A payload is the actual code that is being del