Scott Murray | Cybersecurity Consulting

scomurr.com

Automation, Security, Web Attacks

Pi-hole – Life Changer? Maybe…

The Internet seems to run on advertising – and that is fair. Companies and individuals need to find a way to monetize their products and data without hiding everything behind paywalls. With that being said, there are plenty of sites…

scomurr
07/26/2020

Security, Web Attacks

Practicing JWT Attacks Against Juice-Shop

I love attending the sessions put on by Black Hills Information Security when I can. Last week, the session was on JWT token attacks which I found very interesting. I wanted to see if I could mimic part of the…

scomurr
06/23/2020

OffSec, OSCP, Security

OSCP – My Beginning, My Fall, My Rise and My Resources – Just Like Batman

I officially got notice today (5/26/2020) that I passed my OSCP exam. I am going to keep this light with a focus on study resources as there are many and better writeups on how to tackle the OSCP. It took…

scomurr
06/02/2020

Hack Job, MCAS

MCAS – Device Identity via Certificates and Progressive Web Apps

I have a customer scenario where we needed to explore leveraging certificates in order to identify corporate Windows 10 machines for the purposes of preventing corporate data from being downloaded from O365 services to non-corporate assets. There are a few…

scomurr
04/21/2020

Hack Job, Security

Secure RDP – Using SSH Tunneling With Built-In Windows Features

So… Who knew? I didn’t. This is the screen for Settings -> Apps and Features -> Optional Features for both Windows Server 2019 as well as Windows 10. This was a very pleasant surprise. With that, I am always looking…

scomurr
01/22/2020