Resources

Infrastructure

Latest Infrastructure Resources

Never stop frontin: How to quickly setup a redirector and transparent reverse proxy

Protecting your infrastructure from prying eyes is an important part of landing a phish and maintaining access to a client’s network. The process of setting up redirectors and reverse proxies has traditionally been…

Read more

Creating Small Containers for Penetration Testing

In this article I show you how to create small containers that use up to date tools. By default, the Golang Docker container at its smallest is 123 MB. While seemingly small, this can result in annoying latency and… read more →

Penetration Testing Dropbox Part 3 - Provisioning

This is part 3 in a series about managing dropboxes for internal penetration testing. This part is all about provisioning a dropbox to be used with our OpenVPN server that we setup in [part… read more →

Penetration Testing Dropbox Part 2 - VPN Infrastructure

In part 2 we go beyond autossh and create a OpenVPN server that our dropboxes and pentesters will connect to. We'll walk through configurations and certificates needed for seamless connectivity. read more →

Penetration Testing Dropbox Part 1 - Hardware

Setup and managing a pentest dropbox infrastructure should be simple, reliable, and versatile. In part 1 we'll show you the hardware options, and in part 2 we'll go beyond autossh and create a OpenVPN environment that… read more →

Autored - Using Terraform to Quickly Launch Empire

This is the start of a series I'm calling Autored. My goal is to quickly stand up temporary systems I commonly use during an engagement. In this post I'll cover how to deploy an Empire server in AWS in less than 3… read more →

Protect your company with Sprocket

Know your threats when they emerge.

When your environment changes, or new threats affect your attack surface, we perform security testing. There is a lot more value from this modern approach to testing.

Request a quote Learn how it works

Continuous Penetration Testing Subscription

  • Pentests
  • Web App Testing
  • Red Teaming
  • Social Engineering
  • Adversary Simulations