Domain > legalbutfrownedupon.com
Whois
Property
Value
NameServer
NS.PHX6.NEARLYFREESPEECH.NET
Created
2014-05-26 00:00:00
Changed
2016-04-01 00:00:00
Expires
2018-05-26 00:00:00
Registrar
GODADDY.COM, LLC
DNS Resolutions
Date
IP Address
2025-01-15
185.199.108.153
(
ClassC
)
Port 80
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 18963
Server: GitHub.com
Content-Type: text/html; charset=utf-8
Last-Modified: Tue, 07 May 2024 04:33:09 GMT
Access-Control-Allow-Origin: *
ETag: 6639af05-4a13
expires: Wed, 15 Jan 2025 22:22:31 GMT
Cache-Control: max-age=600
x-proxy-cache: MISS
X-GitHub-Request-Id: 32F2:110C:66BF0B:68CC0C:678832CF
Accept-Ranges: bytes
Age: 0
Date: Wed, 15 Jan 2025 22:12:31 GMT
Via: 1.1 varnish
X-Served-By: cache-bfi-kbfi7400090-BFI
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1736979152.579885,VS0,VE103
Vary: Accept-Encoding
X-Fastly-Request-ID: d5fb7a0dfe0e4aa28ac455f72a3c907f078e8fee

!doctype html>html langen >head>meta http-equivContent-Type contenttext/html; charsetUTF-8>meta nametheme-color media(prefers-color-scheme: light) content#f7f7f7>meta nametheme-color media(prefers-color-scheme: dark) content#1b1b1e>meta nameapple-mobile-web-app-capable contentyes>meta nameapple-mobile-web-app-status-bar-style contentblack-translucent>meta nameviewport contentwidthdevice-width, user-scalableno initial-scale1, shrink-to-fitno, viewport-fitcover >meta namegenerator contentJekyll v4.3.3 />meta propertyog:title contentLegal But Frowned Upon />meta propertyog:locale contenten />meta namedescription contentA minimal, responsive and feature-rich Jekyll theme for technical writing. />meta propertyog:description contentA minimal, responsive and feature-rich Jekyll theme for technical writing. 
/>link relcanonical hrefhttps://legalbutfrownedupon.com/ />meta propertyog:url contenthttps://legalbutfrownedupon.com/ />meta propertyog:site_name contentLegal But Frowned Upon />meta propertyog:type contentwebsite />meta nametwitter:card contentsummary />meta propertytwitter:title contentLegal But Frowned Upon />meta nametwitter:site content@twitter_username /> script typeapplication/ld+json> {@context:https://schema.org,@type:WebSite,description:A minimal, responsive and feature-rich Jekyll theme for technical writing.,headline:Legal But Frowned Upon,name:Legal But Frowned Upon,sameAs:https://github.com/legalbutfrownedupon,url:https://legalbutfrownedupon.com/}/script>title>Legal But Frowned Upon/title>link relapple-touch-icon sizes180x180 href/assets/img/favicons/apple-touch-icon.png>link relicon typeimage/png sizes32x32 href/assets/img/favicons/favicon-32x32.png>link relicon typeimage/png sizes16x16 href/assets/img/favicons/favicon-16x16.png>link relmanifest href/assets/img/favicons/site.webmanifest>link relshortcut icon href/assets/img/favicons/favicon.ico>meta nameapple-mobile-web-app-title contentLegal But Frowned Upon>meta nameapplication-name contentLegal But Frowned Upon>meta namemsapplication-TileColor content#da532c>meta namemsapplication-config content/assets/img/favicons/browserconfig.xml>meta nametheme-color content#ffffff>link relpreconnect hrefhttps://fonts.googleapis.com >link reldns-prefetch hrefhttps://fonts.googleapis.com >link relpreconnect hrefhttps://fonts.gstatic.com crossorigin>link reldns-prefetch hrefhttps://fonts.gstatic.com crossorigin>link relpreconnect hrefhttps://fonts.googleapis.com >link reldns-prefetch hrefhttps://fonts.googleapis.com >link relpreconnect hrefhttps://cdn.jsdelivr.net >link reldns-prefetch hrefhttps://cdn.jsdelivr.net >link relpreconnect hrefhttps://cdnjs.cloudflare.com >link reldns-prefetch hrefhttps://cdnjs.cloudflare.com >link relstylesheet 
hrefhttps://fonts.googleapis.com/css2?familyLato&familySource+Sans+Pro:wght@400;600;700;900&displayswap>link relstylesheet hrefhttps://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css>link relstylesheet hrefhttps://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.5.1/css/all.min.css>link relstylesheet href/assets/css/jekyll-theme-chirpy.css>link relstylesheet hrefhttps://cdn.jsdelivr.net/npm/loading-attribute-polyfill@2.1.1/dist/loading-attribute-polyfill.min.css> script typetext/javascript> class ModeToggle { static get MODE_KEY() { return mode; } static get MODE_ATTR() { return data-mode; } static get DARK_MODE() { return dark; } static get LIGHT_MODE() { return light; } static get ID() { return mode-toggle; } constructor() { if (this.hasMode) { if (this.isDarkMode) { if (!this.isSysDarkPrefer) { this.setDark(); } } else { if (this.isSysDarkPrefer) { this.setLight(); } } } let self this; /* always follow the system prefers */ this.sysDarkPrefers.addEventListener(change, () > { if (self.hasMode) { if (self.isDarkMode) { if (!self.isSysDarkPrefer) { self.setDark(); } } else { if (self.isSysDarkPrefer) { self.setLight(); } } self.clearMode(); } self.notify(); }); } /* constructor() */ get sysDarkPrefers() { return window.matchMedia((prefers-color-scheme: dark)); } get isSysDarkPrefer() { return this.sysDarkPrefers.matches; } get isDarkMode() { return this.mode ModeToggle.DARK_MODE; } get isLightMode() { return this.mode ModeToggle.LIGHT_MODE; } get hasMode() { return this.mode ! 
null; } get mode() { return sessionStorage.getItem(ModeToggle.MODE_KEY); } /* get the current mode on screen */ get modeStatus() { if (this.isDarkMode || (!this.hasMode && this.isSysDarkPrefer)) { return ModeToggle.DARK_MODE; } else { return ModeToggle.LIGHT_MODE; } } setDark() { document.documentElement.setAttribute(ModeToggle.MODE_ATTR, ModeToggle.DARK_MODE); sessionStorage.setItem(ModeToggle.MODE_KEY, ModeToggle.DARK_MODE); } setLight() { document.documentElement.setAttribute(ModeToggle.MODE_ATTR, ModeToggle.LIGHT_MODE); sessionStorage.setItem(ModeToggle.MODE_KEY, ModeToggle.LIGHT_MODE); } clearMode() { document.documentElement.removeAttribute(ModeToggle.MODE_ATTR); sessionStorage.removeItem(ModeToggle.MODE_KEY); } /* Notify another plugins that the theme mode has changed */ notify() { window.postMessage( { direction: ModeToggle.ID, message: this.modeStatus }, * ); } flipMode() { if (this.hasMode) { if (this.isSysDarkPrefer) { if (this.isLightMode) { this.clearMode(); } else { this.setLight(); } } else { if (this.isDarkMode) { this.clearMode(); } else { this.setDark(); } } } else { if (this.isSysDarkPrefer) { this.setLight(); } else { this.setDark(); } } this.notify(); } /* flipMode() */ } /* ModeToggle */ const modeToggle new ModeToggle(); /script>body>aside aria-labelSidebar idsidebar classd-flex flex-column align-items-end>header classprofile-wrapper> a href/ idavatar classrounded-circle>img src/assets/lbfu-site-logo.png width112 height112 altavatar onerrorthis.style.displaynone>/a>h1 classsite-title> a href/>Legal But Frowned Upon/a>/h1>p classsite-subtitle fst-italic mb-0>Security Research and Development/p>/header>nav classflex-column flex-grow-1 w-100 ps-0>ul classnav>li classnav-item active> a href/ classnav-link> i classfa-fw fas fa-home>/i> span>HOME/span> /a>li classnav-item> a href/projects/ classnav-link> i classfa-fw fas fa-toolbox>/i> span>PROJECTS/span> /a>li classnav-item> a href/advisories/ classnav-link> i classfa-fw fas fa-biohazard>/i> 
span>ADVISORIES/span> /a>li classnav-item> a href/capture-the-flag/ classnav-link> i classfa-fw fas fa-flag>/i> span>CAPTURE THE FLAG/span> /a>li classnav-item> a href/about/ classnav-link> i classfa-fw fas fa-info-circle>/i> span>ABOUT/span> /a>/ul>/nav>div classsidebar-bottom d-flex flex-wrap align-items-center w-100> button typebutton classmode-toggle btn aria-labelSwitch Mode> i classfas fa-adjust>/i> /button> span classicon-border>/span> a hrefhttps://github.com/legalbutfrownedupon aria-labelgithub target_blank relnoopener noreferrer > i classfab fa-github>/i> /a> a hrefhttps://twitter.com/twitter_username aria-labeltwitter target_blank relnoopener noreferrer > i classfa-brands fa-x-twitter>/i> /a> a hrefjavascript:location.href mailto: + ,.join(@) aria-labelemail > i classfas fa-envelope>/i> /a> a href/feed.xml aria-labelrss > i classfas fa-rss>/i> /a>/div>/aside>div idmain-wrapper classd-flex justify-content-center>div classcontainer d-flex flex-column px-xxl-5>header idtopbar-wrapper aria-labelTop Bar>div idtopbar classd-flex align-items-center justify-content-between px-lg-3 h-100 >nav idbreadcrumb aria-labelBreadcrumb> span>Home/span>/nav>button typebutton idsidebar-trigger classbtn btn-link> i classfas fa-bars fa-fw>/i> /button>div idtopbar-title> Legal But Frowned Upon/div>button typebutton idsearch-trigger classbtn btn-link> i classfas fa-search fa-fw>/i> /button> search classalign-items-center ms-3 ms-lg-0> i classfas fa-search fa-fw>/i> input classform-control idsearch-input typesearch aria-labelsearch autocompleteoff placeholderSearch... 
> /search> button typebutton classbtn btn-link text-decoration-none idsearch-cancel>Cancel/button>/div>/header>div classrow flex-grow-1>main aria-labelMain Content classcol-12 col-lg-11 col-xl-9 px-md-4>div idpost-list classflex-grow-1 px-xl-1>article classcard-wrapper card> a href/posts/browser-pivot/ classpost-preview row g-0 flex-md-row-reverse>div classcol-md-5>div classpreview-img shimmer>img src/assets/images/browser-pivot-header.png altCobalt Strike Browswer Pivot loadinglazy>/div>/div>div classcol-md-7>div classcard-body d-flex flex-column>h1 classcard-title my-2 mt-md-0>Getting the Most Out of Cobalt Strike’s Browser Pivot/h1>div classcard-text content mt-0 mb-3>p> The socks proxy and browser pivot features of Cobalt Strike are great tools to be able to access internal resources during a red team operation. While the browser pivot is a man-in-the-browser atta.../p>/div>div classpost-meta flex-grow-1 d-flex align-items-end>div classme-auto> i classfar fa-calendar fa-fw me-1>/i> time data-ts1576677600 data-dfll > Dec 18, 2019 /time>/div>/div>/div>/div>/a>/article>article classcard-wrapper card> a href/posts/Empire-Opsec/ classpost-preview row g-0 flex-md-row-reverse>div classcol-md-5>div classpreview-img shimmer>img src/assets/images/empire_banner.png altEmpire C2 Opsec loadinglazy>/div>/div>div classcol-md-7>div classcard-body d-flex flex-column>h1 classcard-title my-2 mt-md-0>Customizing Powershell Empire to Avoid Detection/h1>div classcard-text content mt-0 mb-3>p> Powershell Empire is a very powerful post-exploitation framework for Windows environments. The tool has been gaining popularity since its release in 2015. 
As more red teams and malicious threat act.../p>/div>div classpost-meta flex-grow-1 d-flex align-items-end>div classme-auto> i classfar fa-calendar fa-fw me-1>/i> time data-ts1497657600 data-dfll > Jun 17, 2017 /time>/div>/div>/div>/div>/a>/article>article classcard-wrapper card> a href/posts/Def-Con-2016/ classpost-preview row g-0 flex-md-row-reverse>div classcol-md-5>div classpreview-img shimmer>img src/assets/images/dc16-banner.png altDEF CON CTF 2016 Writeup loadinglazy>/div>/div>div classcol-md-7>div classcard-body d-flex flex-column>h1 classcard-title my-2 mt-md-0>DEF CON 2016 CTF Quals - XKCD/h1>div classcard-text content mt-0 mb-3>p> I recently participated in the 2016 DEFCON CTF qualifiers. This is a write-up for the XKCD challenge which was in the PWN category. http://download.quals.shallweplayaga.me/be4bf26fcb93f9ab8aa193efa.../p>/div>div classpost-meta flex-grow-1 d-flex align-items-end>div classme-auto> i classfar fa-calendar fa-fw me-1>/i> time data-ts1472256000 data-dfll > Aug 27, 2016 /time>/div>/div>/div>/div>/a>/article>article classcard-wrapper card> a href/posts/sars/ classpost-preview row g-0 flex-md-row-reverse>div classcol-md-5>div classpreview-img shimmer>img src/assets/images/sars_banner.png altSARS loadinglazy>/div>/div>div classcol-md-7>div classcard-body d-flex flex-column>h1 classcard-title my-2 mt-md-0>SARS/h1>div classcard-text content mt-0 mb-3>p> SARS - Static Analysis Report on Sessions Summary SARS is an offline static analysis web application penetration testing tool that uses the XML output from Burp Suite and performs a number of secur.../p>/div>div classpost-meta flex-grow-1 d-flex align-items-end>div classme-auto> i classfar fa-calendar fa-fw me-1>/i> time data-ts1467763200 data-dfll > Jul 6, 2016 /time>/div>/div>/div>/div>/a>/article>article classcard-wrapper card> a href/posts/user-enum/ classpost-preview row g-0 flex-md-row-reverse>div classcol-md-5>div classpreview-img shimmer>img src/assets/images/userenum-banner.png 
altUserEnum loadinglazy>/div>/div>div classcol-md-7>div classcard-body d-flex flex-column>h1 classcard-title my-2 mt-md-0>UserEnum - Identify Valid Users/h1>div classcard-text content mt-0 mb-3>p> Web Application UserEnum Tool Overview UserEnum makes multiple login attempts with a known bad username followed by multiple login attempts with a a list of usernames. Some web applications check f.../p>/div>div classpost-meta flex-grow-1 d-flex align-items-end>div classme-auto> i classfar fa-calendar fa-fw me-1>/i> time data-ts1457308800 data-dfll > Mar 7, 2016 /time>/div>/div>/div>/div>/a>/article>article classcard-wrapper card> a href/posts/honey-ports/ classpost-preview row g-0 flex-md-row-reverse>div classcol-md-5>div classpreview-img shimmer>img src/assets/images/hp_banner.png altHoney Ports loadinglazy>/div>/div>div classcol-md-7>div classcard-body d-flex flex-column>h1 classcard-title my-2 mt-md-0>HoneyPorts/h1>div classcard-text content mt-0 mb-3>p> History HoneyPorts was originally released as an opensource project by Paul Asadoorian of PaulDotCom. The original code can be found here: HoneyPorts-0.4 New Features in 0.5 Multihreaded Run.../p>/div>div classpost-meta flex-grow-1 d-flex align-items-end>div classme-auto> i classfar fa-calendar fa-fw me-1>/i> time data-ts1451606400 data-dfll > Jan 1, 2016 /time>/div>/div>/div>/div>/a>/article>article classcard-wrapper card> a href/posts/dctf-2014/ classpost-preview row g-0 flex-md-row-reverse>div classcol-md-5>div classpreview-img shimmer>img src/assets/images/dctf-header.png altDCTF 2014 Writeup loadinglazy>/div>/div>div classcol-md-7>div classcard-body d-flex flex-column>h1 classcard-title my-2 mt-md-0>D-CTF 2014 – Network 300/h1>div classcard-text content mt-0 mb-3>p> This was the Network 300 challenge from the recent D-CTF. Not many people solved this one and I got a lot of request for help in the IRC so I figured I would create write up for it. 
Reading the.../p>/div>div classpost-meta flex-grow-1 d-flex align-items-end>div classme-auto> i classfar fa-calendar fa-fw me-1>/i> time data-ts1415077200 data-dfll > Nov 4, 2014 /time>/div>/div>/div>/div>/a>/article>/div>/main>aside aria-labelPanel idpanel-wrapper classcol-xl-3 ps-2 mb-5 text-muted>div classaccess>section idaccess-lastmod>h2 classpanel-heading>Recently Updated/h2>ul classcontent list-unstyled ps-0 pb-1 ms-1 mt-2>li classtext-truncate lh-lg> a href/posts/Empire-Opsec/>Customizing Powershell Empire to Avoid Detection/a>li classtext-truncate lh-lg> a href/posts/honey-ports/>HoneyPorts/a>li classtext-truncate lh-lg> a href/posts/browser-pivot/>Getting the Most Out of Cobalt Strike’s Browser Pivot/a>li classtext-truncate lh-lg> a href/posts/Def-Con-2016/>DEF CON 2016 CTF Quals - XKCD/a>li classtext-truncate lh-lg> a href/posts/sars/>SARS/a>/ul>/section>/div>/aside>/div>div classrow>div idtail-wrapper classcol-12 col-lg-11 col-xl-9 px-md-4>footer aria-labelSite Info class d-flex flex-column justify-content-center text-muted flex-lg-row justify-content-lg-between align-items-lg-center pb-lg-3 >p>© time>2024/time> a hrefhttps://github.com/legalbutfrownedupon>Legal But Frowned Upon/a>. span data-bs-toggletooltip data-bs-placementtop titleExcept where otherwise noted, the blog posts on this site are licensed under the Creative Commons Attribution 4.0 International (CC BY 4.0) License by the author. 
>Some rights reserved./span>/p>p>Using the a hrefhttps://github.com/cotes2020/jekyll-theme-chirpy target_blank relnoopener>Chirpy/a> theme for a hrefhttps://jekyllrb.com target_blank relnoopener>Jekyll/a>./p>/footer>/div>/div>div idsearch-result-wrapper classd-flex justify-content-center unloaded>div classcol-11 content>div idsearch-hints>/div>div idsearch-results classd-flex flex-wrap justify-content-center text-muted mt-3>/div>/div>/div>/div>aside aria-labelScroll to Top> button idback-to-top typebutton classbtn btn-lg btn-box-shadow> i classfas fa-angle-up>/i> /button>/aside>/div>div idmask>/div>aside idnotification classtoast rolealert aria-liveassertive aria-atomictrue data-bs-animationtrue data-bs-autohidefalse >div classtoast-header> button typebutton classbtn-close ms-auto data-bs-dismisstoast aria-labelClose >/button>/div>div classtoast-body text-center pt-0>p classpx-2 mb-3>A new version of content is available./p>button typebutton classbtn btn-primary aria-labelUpdate> Update /button>/div>/aside>script srchttps://cdn.jsdelivr.net/combine/npm/jquery@3.7.1/dist/jquery.min.js,npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js,npm/simple-jekyll-search@1.10.0/dest/simple-jekyll-search.min.js,npm/loading-attribute-polyfill@2.1.1/dist/loading-attribute-polyfill.umd.min.js,npm/dayjs@1.11.10/dayjs.min.js,npm/dayjs@1.11.10/locale/en.min.js,npm/dayjs@1.11.10/plugin/relativeTime.min.js,npm/dayjs@1.11.10/plugin/localizedFormat.min.js>/script> script defer src/assets/js/dist/home.min.js>/script> script defer src/assets/js/dist/app.min.js>/script> script> /* Note: dependent library will be loaded in `js-selector.html` */ SimpleJekyllSearch({ searchInput: document.getElementById(search-input), resultsContainer: document.getElementById(search-results), json: /assets/js/data/search.json, searchResultTemplate: article classpx-1 px-sm-2 px-lg-4 px-xl-0>header>h2>a href{url}>{title}/a>/h2>div classpost-meta d-flex flex-column flex-sm-row text-muted mt-1 mb-1> {categories} 
{tags}/div>/header>p>{snippet}/p>/article>, noResultsText: p classmt-5>/p>, templateMiddleware: function(prop, value, template) { if (prop categories) { if (value ) { return `${value}`; } else { return `div classme-sm-4>i classfar fa-folder fa-fw>/i>${value}/div>`; } } if (prop tags) { if (value ) { return `${value}`; } else { return `div>i classfa fa-tag fa-fw>/i>${value}/div>`; } } } }); /script>
Port 443
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 18963
Server: GitHub.com
Content-Type: text/html; charset=utf-8
Last-Modified: Tue, 07 May 2024 04:33:09 GMT
Access-Control-Allow-Origin: *
ETag: 6639af05-4a13
expires: Wed, 15 Jan 2025 22:22:31 GMT
Cache-Control: max-age=600
x-proxy-cache: MISS
X-GitHub-Request-Id: D426:3E7752:5765D5:58EF51:678832CF
Accept-Ranges: bytes
Age: 0
Date: Wed, 15 Jan 2025 22:12:31 GMT
Via: 1.1 varnish
X-Served-By: cache-bfi-krnt7300089-BFI
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1736979152.742835,VS0,VE71
Vary: Accept-Encoding
X-Fastly-Request-ID: ff199e358bf6fecbff82e0e8cfc0b6f07bcb6ddc

!doctype html>html langen >head>meta http-equivContent-Type contenttext/html; charsetUTF-8>meta nametheme-color media(prefers-color-scheme: light) content#f7f7f7>meta nametheme-color media(prefers-color-scheme: dark) content#1b1b1e>meta nameapple-mobile-web-app-capable contentyes>meta nameapple-mobile-web-app-status-bar-style contentblack-translucent>meta nameviewport contentwidthdevice-width, user-scalableno initial-scale1, shrink-to-fitno, viewport-fitcover >meta namegenerator contentJekyll v4.3.3 />meta propertyog:title contentLegal But Frowned Upon />meta propertyog:locale contenten />meta namedescription contentA minimal, responsive and feature-rich Jekyll theme for technical writing. />meta propertyog:description contentA minimal, responsive and feature-rich Jekyll theme for technical writing. 
/>link relcanonical hrefhttps://legalbutfrownedupon.com/ />meta propertyog:url contenthttps://legalbutfrownedupon.com/ />meta propertyog:site_name contentLegal But Frowned Upon />meta propertyog:type contentwebsite />meta nametwitter:card contentsummary />meta propertytwitter:title contentLegal But Frowned Upon />meta nametwitter:site content@twitter_username /> script typeapplication/ld+json> {@context:https://schema.org,@type:WebSite,description:A minimal, responsive and feature-rich Jekyll theme for technical writing.,headline:Legal But Frowned Upon,name:Legal But Frowned Upon,sameAs:https://github.com/legalbutfrownedupon,url:https://legalbutfrownedupon.com/}/script>title>Legal But Frowned Upon/title>link relapple-touch-icon sizes180x180 href/assets/img/favicons/apple-touch-icon.png>link relicon typeimage/png sizes32x32 href/assets/img/favicons/favicon-32x32.png>link relicon typeimage/png sizes16x16 href/assets/img/favicons/favicon-16x16.png>link relmanifest href/assets/img/favicons/site.webmanifest>link relshortcut icon href/assets/img/favicons/favicon.ico>meta nameapple-mobile-web-app-title contentLegal But Frowned Upon>meta nameapplication-name contentLegal But Frowned Upon>meta namemsapplication-TileColor content#da532c>meta namemsapplication-config content/assets/img/favicons/browserconfig.xml>meta nametheme-color content#ffffff>link relpreconnect hrefhttps://fonts.googleapis.com >link reldns-prefetch hrefhttps://fonts.googleapis.com >link relpreconnect hrefhttps://fonts.gstatic.com crossorigin>link reldns-prefetch hrefhttps://fonts.gstatic.com crossorigin>link relpreconnect hrefhttps://fonts.googleapis.com >link reldns-prefetch hrefhttps://fonts.googleapis.com >link relpreconnect hrefhttps://cdn.jsdelivr.net >link reldns-prefetch hrefhttps://cdn.jsdelivr.net >link relpreconnect hrefhttps://cdnjs.cloudflare.com >link reldns-prefetch hrefhttps://cdnjs.cloudflare.com >link relstylesheet 
hrefhttps://fonts.googleapis.com/css2?familyLato&familySource+Sans+Pro:wght@400;600;700;900&displayswap>link relstylesheet hrefhttps://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css>link relstylesheet hrefhttps://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.5.1/css/all.min.css>link relstylesheet href/assets/css/jekyll-theme-chirpy.css>link relstylesheet hrefhttps://cdn.jsdelivr.net/npm/loading-attribute-polyfill@2.1.1/dist/loading-attribute-polyfill.min.css> script typetext/javascript> class ModeToggle { static get MODE_KEY() { return mode; } static get MODE_ATTR() { return data-mode; } static get DARK_MODE() { return dark; } static get LIGHT_MODE() { return light; } static get ID() { return mode-toggle; } constructor() { if (this.hasMode) { if (this.isDarkMode) { if (!this.isSysDarkPrefer) { this.setDark(); } } else { if (this.isSysDarkPrefer) { this.setLight(); } } } let self this; /* always follow the system prefers */ this.sysDarkPrefers.addEventListener(change, () > { if (self.hasMode) { if (self.isDarkMode) { if (!self.isSysDarkPrefer) { self.setDark(); } } else { if (self.isSysDarkPrefer) { self.setLight(); } } self.clearMode(); } self.notify(); }); } /* constructor() */ get sysDarkPrefers() { return window.matchMedia((prefers-color-scheme: dark)); } get isSysDarkPrefer() { return this.sysDarkPrefers.matches; } get isDarkMode() { return this.mode ModeToggle.DARK_MODE; } get isLightMode() { return this.mode ModeToggle.LIGHT_MODE; } get hasMode() { return this.mode ! 
null; } get mode() { return sessionStorage.getItem(ModeToggle.MODE_KEY); } /* get the current mode on screen */ get modeStatus() { if (this.isDarkMode || (!this.hasMode && this.isSysDarkPrefer)) { return ModeToggle.DARK_MODE; } else { return ModeToggle.LIGHT_MODE; } } setDark() { document.documentElement.setAttribute(ModeToggle.MODE_ATTR, ModeToggle.DARK_MODE); sessionStorage.setItem(ModeToggle.MODE_KEY, ModeToggle.DARK_MODE); } setLight() { document.documentElement.setAttribute(ModeToggle.MODE_ATTR, ModeToggle.LIGHT_MODE); sessionStorage.setItem(ModeToggle.MODE_KEY, ModeToggle.LIGHT_MODE); } clearMode() { document.documentElement.removeAttribute(ModeToggle.MODE_ATTR); sessionStorage.removeItem(ModeToggle.MODE_KEY); } /* Notify another plugins that the theme mode has changed */ notify() { window.postMessage( { direction: ModeToggle.ID, message: this.modeStatus }, * ); } flipMode() { if (this.hasMode) { if (this.isSysDarkPrefer) { if (this.isLightMode) { this.clearMode(); } else { this.setLight(); } } else { if (this.isDarkMode) { this.clearMode(); } else { this.setDark(); } } } else { if (this.isSysDarkPrefer) { this.setLight(); } else { this.setDark(); } } this.notify(); } /* flipMode() */ } /* ModeToggle */ const modeToggle new ModeToggle(); /script>body>aside aria-labelSidebar idsidebar classd-flex flex-column align-items-end>header classprofile-wrapper> a href/ idavatar classrounded-circle>img src/assets/lbfu-site-logo.png width112 height112 altavatar onerrorthis.style.displaynone>/a>h1 classsite-title> a href/>Legal But Frowned Upon/a>/h1>p classsite-subtitle fst-italic mb-0>Security Research and Development/p>/header>nav classflex-column flex-grow-1 w-100 ps-0>ul classnav>li classnav-item active> a href/ classnav-link> i classfa-fw fas fa-home>/i> span>HOME/span> /a>li classnav-item> a href/projects/ classnav-link> i classfa-fw fas fa-toolbox>/i> span>PROJECTS/span> /a>li classnav-item> a href/advisories/ classnav-link> i classfa-fw fas fa-biohazard>/i> 
span>ADVISORIES/span> /a>li classnav-item> a href/capture-the-flag/ classnav-link> i classfa-fw fas fa-flag>/i> span>CAPTURE THE FLAG/span> /a>li classnav-item> a href/about/ classnav-link> i classfa-fw fas fa-info-circle>/i> span>ABOUT/span> /a>/ul>/nav>div classsidebar-bottom d-flex flex-wrap align-items-center w-100> button typebutton classmode-toggle btn aria-labelSwitch Mode> i classfas fa-adjust>/i> /button> span classicon-border>/span> a hrefhttps://github.com/legalbutfrownedupon aria-labelgithub target_blank relnoopener noreferrer > i classfab fa-github>/i> /a> a hrefhttps://twitter.com/twitter_username aria-labeltwitter target_blank relnoopener noreferrer > i classfa-brands fa-x-twitter>/i> /a> a hrefjavascript:location.href mailto: + ,.join(@) aria-labelemail > i classfas fa-envelope>/i> /a> a href/feed.xml aria-labelrss > i classfas fa-rss>/i> /a>/div>/aside>div idmain-wrapper classd-flex justify-content-center>div classcontainer d-flex flex-column px-xxl-5>header idtopbar-wrapper aria-labelTop Bar>div idtopbar classd-flex align-items-center justify-content-between px-lg-3 h-100 >nav idbreadcrumb aria-labelBreadcrumb> span>Home/span>/nav>button typebutton idsidebar-trigger classbtn btn-link> i classfas fa-bars fa-fw>/i> /button>div idtopbar-title> Legal But Frowned Upon/div>button typebutton idsearch-trigger classbtn btn-link> i classfas fa-search fa-fw>/i> /button> search classalign-items-center ms-3 ms-lg-0> i classfas fa-search fa-fw>/i> input classform-control idsearch-input typesearch aria-labelsearch autocompleteoff placeholderSearch... 
> /search> button typebutton classbtn btn-link text-decoration-none idsearch-cancel>Cancel/button>/div>/header>div classrow flex-grow-1>main aria-labelMain Content classcol-12 col-lg-11 col-xl-9 px-md-4>div idpost-list classflex-grow-1 px-xl-1>article classcard-wrapper card> a href/posts/browser-pivot/ classpost-preview row g-0 flex-md-row-reverse>div classcol-md-5>div classpreview-img shimmer>img src/assets/images/browser-pivot-header.png altCobalt Strike Browswer Pivot loadinglazy>/div>/div>div classcol-md-7>div classcard-body d-flex flex-column>h1 classcard-title my-2 mt-md-0>Getting the Most Out of Cobalt Strike’s Browser Pivot/h1>div classcard-text content mt-0 mb-3>p> The socks proxy and browser pivot features of Cobalt Strike are great tools to be able to access internal resources during a red team operation. While the browser pivot is a man-in-the-browser atta.../p>/div>div classpost-meta flex-grow-1 d-flex align-items-end>div classme-auto> i classfar fa-calendar fa-fw me-1>/i> time data-ts1576677600 data-dfll > Dec 18, 2019 /time>/div>/div>/div>/div>/a>/article>article classcard-wrapper card> a href/posts/Empire-Opsec/ classpost-preview row g-0 flex-md-row-reverse>div classcol-md-5>div classpreview-img shimmer>img src/assets/images/empire_banner.png altEmpire C2 Opsec loadinglazy>/div>/div>div classcol-md-7>div classcard-body d-flex flex-column>h1 classcard-title my-2 mt-md-0>Customizing Powershell Empire to Avoid Detection/h1>div classcard-text content mt-0 mb-3>p> Powershell Empire is a very powerful post-exploitation framework for Windows environments. The tool has been gaining popularity since its release in 2015. 
As more red teams and malicious threat act.../p>/div>div classpost-meta flex-grow-1 d-flex align-items-end>div classme-auto> i classfar fa-calendar fa-fw me-1>/i> time data-ts1497657600 data-dfll > Jun 17, 2017 /time>/div>/div>/div>/div>/a>/article>article classcard-wrapper card> a href/posts/Def-Con-2016/ classpost-preview row g-0 flex-md-row-reverse>div classcol-md-5>div classpreview-img shimmer>img src/assets/images/dc16-banner.png altDEF CON CTF 2016 Writeup loadinglazy>/div>/div>div classcol-md-7>div classcard-body d-flex flex-column>h1 classcard-title my-2 mt-md-0>DEF CON 2016 CTF Quals - XKCD/h1>div classcard-text content mt-0 mb-3>p> I recently participated in the 2016 DEFCON CTF qualifiers. This is a write-up for the XKCD challenge which was in the PWN category. http://download.quals.shallweplayaga.me/be4bf26fcb93f9ab8aa193efa.../p>/div>div classpost-meta flex-grow-1 d-flex align-items-end>div classme-auto> i classfar fa-calendar fa-fw me-1>/i> time data-ts1472256000 data-dfll > Aug 27, 2016 /time>/div>/div>/div>/div>/a>/article>article classcard-wrapper card> a href/posts/sars/ classpost-preview row g-0 flex-md-row-reverse>div classcol-md-5>div classpreview-img shimmer>img src/assets/images/sars_banner.png altSARS loadinglazy>/div>/div>div classcol-md-7>div classcard-body d-flex flex-column>h1 classcard-title my-2 mt-md-0>SARS/h1>div classcard-text content mt-0 mb-3>p> SARS - Static Analysis Report on Sessions Summary SARS is an offline static analysis web application penetration testing tool that uses the XML output from Burp Suite and performs a number of secur.../p>/div>div classpost-meta flex-grow-1 d-flex align-items-end>div classme-auto> i classfar fa-calendar fa-fw me-1>/i> time data-ts1467763200 data-dfll > Jul 6, 2016 /time>/div>/div>/div>/div>/a>/article>article classcard-wrapper card> a href/posts/user-enum/ classpost-preview row g-0 flex-md-row-reverse>div classcol-md-5>div classpreview-img shimmer>img src/assets/images/userenum-banner.png 
altUserEnum loadinglazy>/div>/div>div classcol-md-7>div classcard-body d-flex flex-column>h1 classcard-title my-2 mt-md-0>UserEnum - Identify Valid Users/h1>div classcard-text content mt-0 mb-3>p> Web Application UserEnum Tool Overview UserEnum makes multiple login attempts with a known bad username followed by multiple login attempts with a a list of usernames. Some web applications check f.../p>/div>div classpost-meta flex-grow-1 d-flex align-items-end>div classme-auto> i classfar fa-calendar fa-fw me-1>/i> time data-ts1457308800 data-dfll > Mar 7, 2016 /time>/div>/div>/div>/div>/a>/article>article classcard-wrapper card> a href/posts/honey-ports/ classpost-preview row g-0 flex-md-row-reverse>div classcol-md-5>div classpreview-img shimmer>img src/assets/images/hp_banner.png altHoney Ports loadinglazy>/div>/div>div classcol-md-7>div classcard-body d-flex flex-column>h1 classcard-title my-2 mt-md-0>HoneyPorts/h1>div classcard-text content mt-0 mb-3>p> History HoneyPorts was originally released as an opensource project by Paul Asadoorian of PaulDotCom. The original code can be found here: HoneyPorts-0.4 New Features in 0.5 Multihreaded Run.../p>/div>div classpost-meta flex-grow-1 d-flex align-items-end>div classme-auto> i classfar fa-calendar fa-fw me-1>/i> time data-ts1451606400 data-dfll > Jan 1, 2016 /time>/div>/div>/div>/div>/a>/article>article classcard-wrapper card> a href/posts/dctf-2014/ classpost-preview row g-0 flex-md-row-reverse>div classcol-md-5>div classpreview-img shimmer>img src/assets/images/dctf-header.png altDCTF 2014 Writeup loadinglazy>/div>/div>div classcol-md-7>div classcard-body d-flex flex-column>h1 classcard-title my-2 mt-md-0>D-CTF 2014 – Network 300/h1>div classcard-text content mt-0 mb-3>p> This was the Network 300 challenge from the recent D-CTF. Not many people solved this one and I got a lot of request for help in the IRC so I figured I would create write up for it. 
Reading the.../p>/div>div classpost-meta flex-grow-1 d-flex align-items-end>div classme-auto> i classfar fa-calendar fa-fw me-1>/i> time data-ts1415077200 data-dfll > Nov 4, 2014 /time>/div>/div>/div>/div>/a>/article>/div>/main>aside aria-labelPanel idpanel-wrapper classcol-xl-3 ps-2 mb-5 text-muted>div classaccess>section idaccess-lastmod>h2 classpanel-heading>Recently Updated/h2>ul classcontent list-unstyled ps-0 pb-1 ms-1 mt-2>li classtext-truncate lh-lg> a href/posts/Empire-Opsec/>Customizing Powershell Empire to Avoid Detection/a>li classtext-truncate lh-lg> a href/posts/honey-ports/>HoneyPorts/a>li classtext-truncate lh-lg> a href/posts/browser-pivot/>Getting the Most Out of Cobalt Strike’s Browser Pivot/a>li classtext-truncate lh-lg> a href/posts/Def-Con-2016/>DEF CON 2016 CTF Quals - XKCD/a>li classtext-truncate lh-lg> a href/posts/sars/>SARS/a>/ul>/section>/div>/aside>/div>div classrow>div idtail-wrapper classcol-12 col-lg-11 col-xl-9 px-md-4>footer aria-labelSite Info class d-flex flex-column justify-content-center text-muted flex-lg-row justify-content-lg-between align-items-lg-center pb-lg-3 >p>© time>2024/time> a hrefhttps://github.com/legalbutfrownedupon>Legal But Frowned Upon/a>. span data-bs-toggletooltip data-bs-placementtop titleExcept where otherwise noted, the blog posts on this site are licensed under the Creative Commons Attribution 4.0 International (CC BY 4.0) License by the author. 
>Some rights reserved./span>/p>p>Using the a hrefhttps://github.com/cotes2020/jekyll-theme-chirpy target_blank relnoopener>Chirpy/a> theme for a hrefhttps://jekyllrb.com target_blank relnoopener>Jekyll/a>./p>/footer>/div>/div>div idsearch-result-wrapper classd-flex justify-content-center unloaded>div classcol-11 content>div idsearch-hints>/div>div idsearch-results classd-flex flex-wrap justify-content-center text-muted mt-3>/div>/div>/div>/div>aside aria-labelScroll to Top> button idback-to-top typebutton classbtn btn-lg btn-box-shadow> i classfas fa-angle-up>/i> /button>/aside>/div>div idmask>/div>aside idnotification classtoast rolealert aria-liveassertive aria-atomictrue data-bs-animationtrue data-bs-autohidefalse >div classtoast-header> button typebutton classbtn-close ms-auto data-bs-dismisstoast aria-labelClose >/button>/div>div classtoast-body text-center pt-0>p classpx-2 mb-3>A new version of content is available./p>button typebutton classbtn btn-primary aria-labelUpdate> Update /button>/div>/aside>script srchttps://cdn.jsdelivr.net/combine/npm/jquery@3.7.1/dist/jquery.min.js,npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js,npm/simple-jekyll-search@1.10.0/dest/simple-jekyll-search.min.js,npm/loading-attribute-polyfill@2.1.1/dist/loading-attribute-polyfill.umd.min.js,npm/dayjs@1.11.10/dayjs.min.js,npm/dayjs@1.11.10/locale/en.min.js,npm/dayjs@1.11.10/plugin/relativeTime.min.js,npm/dayjs@1.11.10/plugin/localizedFormat.min.js>/script> script defer src/assets/js/dist/home.min.js>/script> script defer src/assets/js/dist/app.min.js>/script> script> /* Note: dependent library will be loaded in `js-selector.html` */ SimpleJekyllSearch({ searchInput: document.getElementById(search-input), resultsContainer: document.getElementById(search-results), json: /assets/js/data/search.json, searchResultTemplate: article classpx-1 px-sm-2 px-lg-4 px-xl-0>header>h2>a href{url}>{title}/a>/h2>div classpost-meta d-flex flex-column flex-sm-row text-muted mt-1 mb-1> {categories} 
{tags}/div>/header>p>{snippet}/p>/article>, noResultsText: p classmt-5>/p>, templateMiddleware: function(prop, value, template) { if (prop categories) { if (value ) { return `${value}`; } else { return `div classme-sm-4>i classfar fa-folder fa-fw>/i>${value}/div>`; } } if (prop tags) { if (value ) { return `${value}`; } else { return `div>i classfa fa-tag fa-fw>/i>${value}/div>`; } } } }); /script>