Our Blog

your contributions, today

Reading time: ~1 min
Keynoting 0xcon in Johannesburg this year, I had the immense privilege of talking and sharing ideas about something that is...

Why defend harder won’t work in the long run and what to do instead – arrest criminals

Reading time: ~1 min
The whole of information/cyber security is founded on the idea that we can defend ourselves into security. But in the...

we’re going to bsides cape town 2023

Reading time: ~3 min
Arguably one of the largest hacking conferences in South Africa, BSides Cape Town 2023 is around the corner and the...

Black Hat Card Deck CTF

Reading time: ~8 min
In 2023 we, the training team within Orange Cyberdefense and specifically Ulrich Swart, Matthew Hughes and myself, attempted to do...

P4wnP1 LTE updates

Reading time: ~11 min
After publishing my blog post about running P4wnP1 on an LTE modem, where I explained how to install Linux and...

Reading Large Files and Perf

Reading time: ~4 min
One of the things that has often confused me is how little good advice there is for reading large files...

Dress Code – The Talk

Reading time: ~33 min
TL;DR This post is a summary of the contents of my talk in Defcon 31 AppSec Village last August 2023,...

Filter-Mute Operation: Investigating EDR Internal Communication

Reading time: ~21 min
For our annual internal hacker conference dubbed SenseCon in 2023, I decided to take a look at communication between a...

Orange Cyberdefense at Hacker Summer Camp

Reading time: ~3 min
It’s that time of year again where we head out to the desert, more specifically Las Vegas, for what is...

Browsers’ cache smuggling

Reading time: ~13 min
On red team engagements, I often use social engineering to get one of my client’s employees to run my malicious...

P4wnP1-LTE

Reading time: ~12 min
I’ve written a couple of blog posts in the past in which I explain how to use Marcus Mengs’ truly...

select * from projectdiscovery join steampipe

Reading time: ~4 min
Recently, I decided to take a look at Steampipe again. I like SQL and the structure it provides, and after...

an offensive look at docker desktop extensions

Reading time: ~39 min
For our annual internal hacker conference dubbed SenseCon in 2023, I decided to take a quick look at Docker Desktop...

Investigating the Wink Hub 2

Reading time: ~15 min
Rogan brought half of his hardware parts bin to the hackathon! Michael Rodger, Daniel Scragg, Isak van der Walt, Thulani...

hash-cracker – password cracking done effectively

Reading time: ~18 min
Intro I wrote a tool to help with cracking of hashes, today I finally decided to blog about it. The...

Protected Users: you thought you were safe uh?

Reading time: ~10 min
On the 31st of October 2022, a PR on CrackMapExec from Thomas Seigneuret (@Zblurx) was merged. This PR fixed Kerberos...

From BitLocker-Suspended to Virtual Machine

Reading time: ~6 min
On a recent red-team I was given a client laptop from which I was expected to simulate an insider-threat/employee laptop...

Decoding BlazorPack

Reading time: ~14 min
TL;DR: I couldn’t make a custom BlazorPack editor work in Burp, so I used Mallet instead. From an indecipherable binary...

Jumping into SOCKS

Reading time: ~30 min
On a recent internal assessment, we ran into a problem. While holding low-privileged access to an internal Windows host, we...