PinnedMatthew KeeleyinProDefenseSo you found Auth0 secrets, now what?Advanced Exploitation Techniques with Auth0 Credentials·7 min read·Dec 11, 2023--1--1
PinnedMatthew KeeleyinProDefenseLittle bug, Big impact. 25k bountyIntroduction·3 min read·Feb 24, 2023--8--8
Matthew KeeleyinProDefenseHawk’s Prey: Snatching SSH CredentialsCrafted in Golang, Hawk not only captures administrative credentials used by sshd, sudo, passwd, and su services but also exfiltrates them!4 min read·Apr 26, 2024----
Matthew KeeleyinProDefenseHacking Android Apps With FridaFinding AWS Credentials in Android Apps·3 min read·Feb 26, 2024----
Matthew KeeleyinProDefenseHacking the internet (literally)This week I published a new tool called GitScanner. Its a basic tool, that scans domains for publicly exposed .git folder.·2 min read·Sep 15, 2023--1--1
Matthew KeeleyinProDefenseHacking SEO: Getting to the Top with AI-Generated ContentHow to make your website the TOP Google search.·4 min read·Aug 6, 2023----
Matthew KeeleyinProDefenseAccessing Hundreds of RDS Databases with AD Credentials Using Python and JDBCOvercoming Network Domain Authentication Challenges to Achieve Large-Scale Database Access·3 min read·Aug 5, 2023----
Matthew KeeleyinProDefenseHow Abusing AWS CloudFormation Led to a Total Takeover of an AWS EnvironmentAttacking AWS CloudFormation·4 min read·Jul 1, 2023----
Matthew KeeleyinProDefenseSorting Your Way to Stolen PasswordsStealing password hashes using a character-by-character comparison method·10 min read·May 8, 2023----
Matthew KeeleyinProDefenseUnraveling the Bug Bounty Goldmine: Innovative Approaches for Success in 2023Get ahead in the bug bounty game with new strategies, tools, and platforms3 min read·Mar 21, 2023----