03/12/2015
New Malware Analysis Platform.
https://santoku-linux.com/
Santoku-Linux
To make future updating of Santoku WAY easier for users, we’re hosting a repository. Set it up just once and get updates with package management instead of downloading a whole new iso.
03/09/2015
http://www.hyperionavenue.com/finding-superfish-with-bro/
Finding SuperFish with Bro
Superfish has made quite the appearance in the news recently. In brief, it is bloatware installed on Lenovo devices that causes a bit of a Man-In-The-Middle attack by swapping out SSL certificates. In an effort to assist other in…
03/09/2015
http://www.hyperionavenue.com/pe*******on-testing-platform-quick-load-kali/
Penetration Testing Platform Quick-load – Kali
When pentesting in groups or managing a small team of assessors, one of the primary challenges is quickly getting everyone on the same page. This isn't possible in all levels. However, it is our hope that this quick github script…
03/06/2015
http://www.hyperionavenue.com/using-gitrob-in-your-pe*******on-testing/
Using Gitrob in your Penetration Testing.
Github is a remarkable place to collect data on a target, be it for a legitimate security engagement or to test your own security. It is a Ruby-based platform that can quickly build a local, searchable framework of all code…
03/05/2015
http://www.engadget.com/2015/03/04/the-faa-is-vulnerable-to-hacks/?ncid=rss_truncated
Government finds the FAA is vulnerable to hacks
On the scale of extremely disconcerting government revelations, this isn't PRISM, but damn if it isn't alarming. The Government Accountability Office (GA
03/04/2015
People, stop firing up servers in your basement, unless you have a clear understanding of what the hell you are doing...
http://www.huffingtonpost.com/2015/03/04/clinton-ran-own-computer-_n_6797824.html
Hillary Clinton Ran Homebrew Computer System For Official Emails
WASHINGTON (AP) — A House committee investigating the Benghazi, Libya, attacks issued subpoenas Wednesday for the emails of Hillary Rodham Clinton, who used a private account exclusively for official business when she was secretary of state...
03/04/2015
Catch me if you can... A quiet approach to post-exploitation.
http://www.hyperionavenue.com/post-exploitation-collecting-hashes-and-staying-off-the-disk/
Post-Exploitation – Collecting hashes and staying off the disk.
In the many penetration tests that I've conducted, one of the primary goals is to collect data for the use of lateral movement through the network, in a way that does trigger any alarms or alert in Antivirus/Endpoint solutions. This…
03/02/2015
http://www.hyperionavenue.com/mandiant-m-trends-2015-released/
Mandiant – M-Trends 2015 Released
I found this paper to be a pretty quick, insightful read that delivers two very clear messages. The attackers are getting far more advanced, as are their means of infiltration and resiliency to methods of removal. Second, corporations aren't investing…