Blog Posts
Notes on security, tools, side projects, and whatever else seemed worth writing up properly.
Most posts here are practical write-ups: things I've built, security observations, odd behaviours in tooling, or talks and experiments that felt worth recording somewhere more permanent than chat.
Most Recent Post

A while ago I gave a bit of a haphazard presentation on the art of password cracking at Steelcon in 2022. Having not needed to crack passwords in anger recently; I had completely forgotten about the quirks of understanding some of the more esoteric tools when it comes to managing your wordlists.
Previous Posts

So some of you may have seen my previous website over at https://blog.scriptmonkey.eu.

So it’s come around once again, EMFCamp is an event held every 2 years somewhere in the UK (usually south of England as far as i’m aware) where people from all walks of life come together to celebrate anything that’s geeky/nerdy or just plain cool!.

First… holy balls I have a blog still. No posts in ages (well 2016 but that post was written originally in 2013)!? crikey! Thing is life got in the way and information got shared and noted via other means. This doesn’t mean I wanted to leave me blog in the dust but it did mean that a quick message to a WhatsApp group or email to work colleagues was probably easier to share information than sitting down and penning a blog post.

So every quarter my company arranges an internal “conference” where the members of my team have to come up with some sort of presentation discussing research or learning that they have done in the past 3 months.

Why do I get excited whenever I am presented with a thin client, with an RDP or CITRIX or VMWare View session to a backend virtualised desktop?

I have tried to report this to Microsoft Security Response Center (@msftsecurity) and received this response:

So hopefully if you’re reading this you’ve seen mine and Matt Phillips (@phillips321) talk about Blinking Hell in the Rookie Stream at BSides London 2013.

So I’ve done a few posts in the past about getting command prompts from GPO’d workstations and running what’s known as “mobile code” in locked down environments (##, VBS, BAT, Bash, Python, Perl, etc…).

This is an old trick but I ended up doing it the other day just for kicks, it will only work on 32bit systems at the moment (edit.exe is a 16bit editor and won’t run on a 64bit OS).

This is probably a duplicate somewhere but I wanted it noted for my own use anyway – here’s a very handy VBS that does the job nicely for accessing useful commands as a user on a locked down desktop.

Cross posting some work of a friend of mine that I was helping with, I say “helping” in the lightest form of the word. (I had a domain controller ready to test, he didn’t).

To those not familiar with the world of NTFS. It offers a feature known as Alternate Data Streams which can allow a user to create hidden content attached to a file.

So it was the same as any other usual Friday, 10pm I’m shattered after a particularly taxing week at work so laying in bed reading a book (the rock and roll lifestyle of a social pariah) when I get a text from a colleague.

You have a website and you’ve proven it’s vulnerable to clickjacking, but what use is fooling a user into submitting a form unless you can specify some of the data that the user is submitting within those fields?.

Working on a script for extracting MS numbers for patches as part of my work. Just wanted to make a note of a quick one liner

Just a neat little way of thinking about logical vs syntax errors. Ever had to hunt high and low for a reason why something is not working as intended? Ever had an if statement that always evaluates as true? Yes?

Recently I had to fudge some data so that it would be imported into a database after an outage caused our “php” data loader to try and allocate a crazy amount of memory and die fantastically.
