PinnedJulian RunnelsinInfoSec Write-upsAbusing NTLM Relay and Pass-The-Hash for AdminThese techniques still hold their own in modern networks.Aug 12, 2021Aug 12, 2021
Julian RunnelsBasics of Web Application Testing — Cookies and SessionsReviewing cookie functionality, attacks and protections for web penetration testing.Jul 3, 2022Jul 3, 2022
Julian RunnelsinInfoSec Write-upsBypassing VPN MFA During a Pentest via Duo Inline Self-EnrollmentExploiting small configuration opportunities to bypass strong security.Mar 20, 2021Mar 20, 2021
Julian RunnelsinInfoSec Write-upsSANS Holiday Hack (Kringlecon) 2020 Write-up— Part 3This is the final part of my SANS Holiday Hack write-up covering Objectives 9–11.Jan 21, 2021Jan 21, 2021
Julian RunnelsinInfoSec Write-upsSANS Holiday Hack (Kringlecon) 2020 Write-up— Part 2Solving Objectives 5–8 and related side quests for the 2020 KringleCon CTF.Jan 21, 2021Jan 21, 2021
Julian RunnelsinInfoSec Write-upsSANS Holiday Hack (Kringlecon) 2020 Write-up— Part 1Solving Objectives 1–4 and related side quests for the 2020 KringleCon CTF.Jan 20, 2021Jan 20, 2021
Julian RunnelsinInfoSec Write-upsSetting up a WireGuard VPN Server Architecture for Internal Network AccessUtilize a Cloud C2 server and WireGuard to easily set up connections to private networks for pentesting or sysadmin.Nov 5, 20202Nov 5, 20202
Julian RunnelsinThe StartupSetting up a Private Password Vault in 5 Minutes with DockerInstalling a self-hosted and secure Bitwarden instance to take ownership of your dataApr 17, 202012Apr 17, 202012
Julian RunnelsinThe StartupAutomatically Deploy CloudFormation Stacks into Newly Created Accounts in AWS OrganizationUtilize newly added AWS functionality to automatically add your AWS Organization accounts to CloudFormation StackSets.Mar 10, 20201Mar 10, 20201
Julian RunnelsinThe StartupCraft — A Hack The Box AdventureExploiting a real world scenarioJan 4, 2020Jan 4, 2020