Shaun WhortonCertifried & Bloodhound: Active Directory Certificate Services AbuseCVE-2022–26923, commonly referred to as ‘Certifried’ is doing the rounds, and it really is a nasty vuln. I posted a video on LinkedIn last…May 22, 2022May 22, 2022
Shaun WhortonActive Directory Certificate Services: Domain DominanceWhen I’m taking part in a penetration test or red team engagement, I love digging down into the intricacies of Active Directory…Mar 21, 2022Mar 21, 2022
Shaun WhortonPNPT: Practical Network Penetration Tester — ReviewI’ve been on a bit of a certification rollercoaster as of late; in the space of three months I’ve taken CRTP, eCPPT and now, the PNPT…Jan 13, 20222Jan 13, 20222
Shaun WhortoneCPPT: eLearnSecurity Certified Professional Penetration Tester — ReviewI recently completed my eCPPT exam and submitted my report for grading. At the time of writing, I am yet to recieve my results, but I…Jan 5, 2022Jan 5, 2022
Shaun WhortonCVE-2021–40290In this blog post, I’ll share the recent vulnerability I found in a CMS, how I found it and a POC exploit.Nov 5, 2021Nov 5, 2021
Shaun WhortonCRTP — Certified Red Team Professional ReviewIn October 2021 I undertook and successfully passed the Certified Red Team Professional certification, which is offered by Pentester…Nov 3, 20211Nov 3, 20211