Author Archives: scomurr

Practicing JWT Attacks Against Juice-Shop

I love attending the sessions put on by Black Hills Information Security when I can. Last week, the session was on JWT token attacks which I found very [..]

Security, Web Attacks

OSCP – My Beginning, My Fall, My Rise and My Resources – Just Like Batman

I officially got notice today (5/26/2020) that I passed my OSCP exam. I am going to keep this light with a focus on study resources as there are [..]

OffSec, OSCP, Security

MCAS – Device Identity via Certificates and Progressive Web Apps

I have a customer scenario where we needed to explore leveraging certificates in order to identify corporate Windows 10 machines for the purposes of preventing corporate data from [..]

Hack Job, MCAS

Secure RDP – Using SSH Tunneling With Built-In Windows Features

So… Who knew? I didn’t. This is the screen for Settings -> Apps and Features -> Optional Features for both Windows Server 2019 as well as Windows 10. [..]

Hack Job, Security, Uncategorized

MCAS Lab – Auto Updating Discovery Data with Sample Data

Maybe you have a need to demo Microsoft Cloud App Security to your customers. Maybe you have a need for a lab that has constantly updated discovery data. [..]

Automation, Hack Job, MCAS, PowerShell, Security