Releases

Office 365 Audit Logging and Email scams

We’re coming across more and more instances of Office 365 accounts with suspicious activity. Unfortunately the logging defaults in Office 365 are unsatisfactory and a little additional configuration is required to improve the effectiveness of the logging, especially in regards to user activity.


Adventures with the Ducati CAN bus

In this article I’ll be taking a look at the CAN bus network in a 2009 Ducati 848. How to find the bus, confirm the high and low lines with a scope and analyse messages with a Linux box and socket-CAN. The aim of the game is to identify a way to get onto the bus, and then analyse the messages going across the bus. We’ll end up figuring out how to log the throttle position and RPM data, how the immobilizer is implemented and how to bypass it.


Extracting JavaScript from Sourcemaps

Sourcemaps are intended to make debugging minified JavaScript less of a pain. This article will take a closer look at Sourcemaps and discuss retrieving the original source code tree from a downloaded Sourcemap file.


Shells - brought to you by the letter 'R'

Can you tell me how to get, how to get shells on OpenCPU…


Red Team vs Pentest

When it comes to offensive security, engagements can be broadly broken up into two categories: Penetration testing and red teaming. Understanding the differences between the two is essential when attempting to verify the security of an application, network or organisation.