8 min read
Attending CruiseCon 2025
A cybersecurity review of Ira Winkler's latest venture - real conversations and meaningful connections within the IT security community.
CybersecurityConferencesNetworking
Read ArticlePublications
28 articles covering Python penetration testing, cybersecurity tools, vulnerability management, and industry insights.
Articles
12 min read
Python Penetration Testing: Microsoft 365 Session ID Login
Bypassing MFA with session IDs - demonstrating how attackers can leverage session tokens to bypass multi-factor authentication in Microsoft 365 environments.
PythonPenetration TestingMicrosoft 365
Read Article
10 min read
Python Penetration Testing: This Team Must be Token
How to exfiltrate a Microsoft Teams clear text Auth Token - exploring security vulnerabilities in team collaboration platforms.
PythonMicrosoft TeamsToken Extraction
Read Article
11 min read
Python Penetration Testing: Hacking Multi-Factor Authentication
How I bypass MFA because open doors can be walked through - demonstrating vulnerabilities in MFA implementations.
PythonMFASecurity Bypass
Read Article10 min read
PowerShell System Port Scans
Using PowerShell for penetration testing when endpoint security blocks traditional scanning tools.
PowerShellPenetration TestingPort Scanning
Read Article
9 min read
Python Penetration Testing: Teams Work Makes the Dreams Work
How I use Python to gather juicy Microsoft Teams data - extracting sensitive information from collaboration platforms.
PythonMicrosoft TeamsData Extraction
Read Article
10 min read
Python Penetration Testing: File Transfers Using Google API
Moving internal files to an external Google Drive to show impact - demonstrating data exfiltration techniques.
PythonGoogle APIData Exfiltration
Read Article12 min read
The ROI On Enterprise Attack Simulation
Penetration testing as a strategic investment - demonstrating substantial returns for organizations through measurable risk reduction.
Attack SimulationROIEnterprise Security
Read Article
8 min read
Python Penetration Testing: Escaping the Matrix
How I GitOut and move exploited internal data to GitHub with Python - demonstrating code repository exfiltration.
PythonGitHubData Exfiltration
Read Article
11 min read
Python Penetration Testing: I Can't CONTAIN Myself
How I control multiple Docker containers and gather data - exploring container security vulnerabilities.
PythonDockerContainers
Read Article
10 min read
Python Penetration Testing: Connecting Multiple SQL Databases
Using single sign-on and pyodbc to gather data across multiple databases - demonstrating database enumeration techniques.
PythonSQLDatabase Security
Read Article7 min read
Is Cybersecurity Recession Proof?
Analyzing career stability in cybersecurity during economic downturns - demand for security professionals persists.
CareersCybersecurityIndustry Trends
Read Article
9 min read
Python Penetration Testing: SQL and Destroy
Discovering SQL databases on networks efficiently - automated database discovery techniques for penetration testers.
PythonSQLNetwork Discovery
Read Article
8 min read
Python Penetration Testing: Sharing is Caring
How I scan networks for vulnerable SMB shares using Python - identifying misconfigured file shares.
PythonSMBNetwork Security
Read Article
10 min read
Python Penetration Testing: Remotely Listing Services
How I discover vulnerable services on Windows and Linux - automated service enumeration across platforms.
PythonService DiscoveryWindows
Read Article
9 min read
Python Penetration Testing: Discovering Obfuscated Web Applications
Techniques for finding hidden web applications and endpoints that organizations may not realize are exposed.
PythonWeb SecurityReconnaissance
Read Article
12 min read
Python Penetration Testing: Using Hashcat and Python to Crack Passwords
Combining Hashcat with Python automation for efficient password cracking during security assessments.
PythonHashcatPassword Cracking
Read Article
8 min read
Python Penetration Testing: Extracting Contact Information from Outlook
Gathering organizational intelligence through Outlook contact extraction for social engineering assessments.
PythonOutlookOSINT
Read Article
10 min read
Python Penetration Testing: Running Multiple Scripts Simultaneously
Efficiently running multiple penetration testing scripts on multiple devices simultaneously for faster assessments.
PythonAutomationParallel Execution
Read Article
11 min read
Python Penetration Testing: Capturing and Filtering Web Application Packets
Harvesting credentials through packet analysis - demonstrating network traffic interception techniques.
PythonPacket AnalysisNetwork Security
Read Article
8 min read
Knowbe4 to Splunk
How to ingest Knowbe4 data to Splunk using HEC Tokens - integrating security awareness data with SIEM platforms.
SplunkKnowbe4SIEM
Read Article
9 min read
How I Move Web App Data to Splunk using HEC Tokens
Ingesting data from Knowbe4 PhishER into Splunk - building security data pipelines for better visibility.
SplunkHEC TokensData Integration
Read Article
10 min read
Vulnerability Management Tool Review: Tenable.io
Comprehensive review of Tenable.io for enterprise vulnerability management and security assessment.
TenableVulnerability ManagementTool Review
Read Article
9 min read
Cyber Incident Response Workflow Diagraming Tools
A comprehensive review of tools and techniques for documenting and visualizing incident response workflows.
Incident ResponseToolsWorkflow
Read Article
8 min read
Exploiting Local Admin Access
Understanding the risks of local admin access and strategies for implementing least privilege principles.
Privilege EscalationLocal AdminLeast Privilege
Read Article
11 min read
Creating a Vulnerability Management Policy
Guide to developing comprehensive vulnerability management policies for enterprise security programs.
PolicyVulnerability ManagementGovernance
Read Article
10 min read
Integrating Vulnerability Management into the Risk Management Strategy
Aligning vulnerability management with broader organizational risk management frameworks.
Risk ManagementVulnerability ManagementStrategy
Read Article
8 min read
Agile VS Waterfall
Evaluating project management approaches for multi-factor authentication implementation in security projects.
Project ManagementAgileWaterfall
Read ArticleVideos
Shorts
Stay Updated
Follow me on Medium to get notified when I publish new articles about cybersecurity, penetration testing, and information security.
Follow on Medium