Write up of my journey figuring out how to host the CLR and execute .NET assemblies from memory in pure Go.| ropnop blog
Docker has become such an integral part of my worfklow recently. These examples should demonstrate how Docker can help you be a more efficient pentester| ropnop blog
Default installations of Helm on Kubernetes can make it trivial for attackers to escalate to cluster admin. In this post I’ll demonstrate how.| ropnop blog
Serverless functions have so much potential - here’s a few useful examples I use when pentesting or doing bug bounties. Who needs testing infrastructure?| ropnop blog
The newest Windows 10 update includes OpenSSH utilities, including ssh-agent. Here’s how to extract unencrypted saved private keys from the registry| ropnop blog
Pentesters use PsExec style commands all the time, and in this post I’m going to explore and manually recreate the technique using native Windows tools.| ropnop blog
Du’h…if you have admin creds you can own a box. But how many different ways can you do it? Here’s a blog-ified version of my notes and my favorite methods| ropnop blog