Go’s concurrency model confused me at first, but it finally clicked when I thought of it like building an assembly line in Factorio| ropnop blog
Android Nougat changed the default behavior for apps, so installing the Burp CA to user certs no longer works. Here’s two ways to bypass it| ropnop blog
If you end up with a copy of NTDS.dit and the SYSTEM registry hive, you can extract domain computer info offline and user NTLM hashes for cracking.| ropnop blog
After compromising an OpenNMS server, I recovered salted password hashes. I couldn’t find any info online, so I reversed them and wrote a tool to crack them| ropnop blog
After my last report for work went out the door and my company entered its end-of-year shutdown period, I found myself at my parents house for several days for the holidays, relaxed and with nothing to do. I saw some people on Twitter talking about the SANS Holiday Hack Challenge, and decided I would finally give it a try. I started on Christmas Eve and after several days of borderline dangerous obsessive completion-compulsion, I had solved all the challenges.| ropnop blog