Shaun WhortonCertifried & Bloodhound: Active Directory Certificate Services AbuseCVE-2022–26923, commonly referred to as ‘Certifried’ is doing the rounds, and it really is a nasty vuln. I posted a video on LinkedIn last…·5 min read·May 22, 2022----
Shaun WhortonActive Directory Certificate Services: Domain DominanceWhen I’m taking part in a penetration test or red team engagement, I love digging down into the intricacies of Active Directory…·5 min read·Mar 21, 2022----
Shaun WhortonPNPT: Practical Network Penetration Tester — ReviewI’ve been on a bit of a certification rollercoaster as of late; in the space of three months I’ve taken CRTP, eCPPT and now, the PNPT…·7 min read·Jan 13, 2022--2--2
Shaun WhortoneCPPT: eLearnSecurity Certified Professional Penetration Tester — ReviewI recently completed my eCPPT exam and submitted my report for grading. At the time of writing, I am yet to recieve my results, but I…·7 min read·Jan 5, 2022----
Shaun WhortonCVE-2021–40290In this blog post, I’ll share the recent vulnerability I found in a CMS, how I found it and a POC exploit.·4 min read·Nov 5, 2021----
Shaun WhortonCRTP — Certified Red Team Professional ReviewIn October 2021 I undertook and successfully passed the Certified Red Team Professional certification, which is offered by Pentester…·5 min read·Nov 3, 2021--1--1