Obligatory OSCP Review

There may be an overwhelming amount of information available to those considering or attempting to pass the Offensive Security Certified Professional exam, but it is still a very common question among our readers and Twitter followers. Due to the continued interest, here are my 2 cents on the Penetration Testing with Kali course and subsequent OSCP exam. I’ll try to keep this as brief and as informative as possible.

[Read More]

Password Spraying ADFS with Burp

As many organizations are moving aggressively towards cloud based platforms, we as Red Teamers are coming more into contact with Federation services. Federations essentially extend authentication mechanisms from one system to another. These systems may be part of the same organization or completely separate. One of the most common implementations of this is Microsoft’s Active Directory Federation Servers (ADFS). For a good overview of securing ADFS, check out adsecurity’s article here. As these services are becoming more popular,

[Read More]