I’m mostly interested in web application security, but dabble in a bit of everything.
Linux systems administration coupled with some Django/python development work. Did everything from physical server racking/installs to hosting public websites, and all the load balancing/DNS/containerization/dev work in between. I did that for about a year and a half, got OSCP, and a few months later I moved into a penetration testing role.
SharpFind is a tool written to provide some of the useful features of the Unix tool
find, such as writable files, recently modified files, wildcard searching, and it can identify .NET assemblies. Since it is written in .NET, you can use it over C2 in Cobalt Strike with
execute-assembly or Covenant using
sshspray is a multi-threaded python tool that can be used to spray ssh keys or passwords across a large number of hosts. I wrote this application as hydra did not have the capability to provide an SSH key.