Today I am open-sourcing SlackPirate; a tool I developed over the last couple weeks, designed to enumerate and extract sensitive/interesting/confidential data from a Slack Workspace.
Red teamers can use this during an assessment to extract sensitive information which can significantly contribute to the discovery/recon/enumeration phase of the assessment by analysing data such as credentials, internal system documentation and scripts, links to internal build systems, etc.
In this brief blog post I will discuss what I believe to be good practices to follow during the set-up and day-to-day usage of a Cryptocurrency hardware wallet; specifically the Ledger Nano S because it’s the one I use. This advice should still be useful for other hardware wallets as they’re all quite similar.
Late last year I decided to see how many misconfigured CI/CD (continuous integration and deployment) installations I could find on the internet. I decided to focus my research on one of the most popular CI/CD applications – Jenkins. This article isn’t an attack on Jenkins in any way shape or form – any piece of software and/or hardware can be configured incorrectly… it just so happens to be that CI/CD servers often host some very sensitive configurations – some of which I will come on to in a bit.
This is a quick blog about a bug I found in a private bounty program on Bugcrowd. The reason for me writing about it is to increase awareness around these issues and implementation flaws so that fellow bug bounty hunters/people in Infosec/developers can use the information in this article for the betterment of security.
In this article I will go through my findings and analysis on the Safe Links feature of Microsoft’s Office 365 Exchange Online Advanced Threat Protection.