TL;DR - CVE North Stars is a tutorial that introduces a method to kickstart vulnerability research by treating CVEs as North Stars in vulnerability discovery and comprehension. Background This p...

Windows RPC enumeration, discovery, and auditing via NtObjectManager. We will audit the vulnerable RPC interfaces that lead to PetitPotam, discover how they have changed over the past year, and overcome some common RPC auditing pitfalls.

A survey of Windows Remote Procedure Call discovery tools and an attempt to understand how open source tools discover RPC servers, interfaces, and procedures.

The Google Chrome Releases blog provides CVE data one liners containing all the information needed to create a rich CVE data source. Google Chrome CVEs are plentiful and provide information for understanding Google Chrome security trends. Using the information available, I was able to create an enriched CVE data source to enhance the CVE Markdown Charts Github project.

CVE Markdown Charts - Your InfoSec reports will now write themselves. After writing several Infosec reports and researching popular CVEs, I discovered a means to create dynamic charts that help readers and myself understand various CVE relationships and their implications.

First steps in creating a modern Jekyll blog. Discover a simple development workflow leveraging Docker, Github, and Jekyll to create a great looking static site.