applied security research
AUTHOR
Rik van Duijn
Blogs
Using MiTMProxy as a scriptable pre-proxy for BurpSuite
Rik van Duijn - 11 jul 2023
TLDR: you can use mitmproxy to modify stuff before it is sent to Burp Proxy. Instructions below. Recently we were asked to assess an old-school Java client-server application. After configuring BurpSuite as a proxy and trusting the CA cert, we noticed the client communication still gave an error. It turned out the client and server […]
Decrypt passwords from Xerox Workcentre config backups
Rik van Duijn - 29 aug 2021
During a recent engagement we encountered Xerox WorkCentre printers using default credentials (admin:1111). Usually it’s just another finding, but this time we noticed the printer had SMB and e-mail credentials configured. For LDAP we usually point the printer to our own IP and get access to the plaintext creds that way. But in the case […]
Office 365 audit logging
Rik van Duijn - 19 aug 2021
It’s important to enable audit logging for o365 even if you are not monitoring the logs actively. At least if you get hacked there’s logging to investigate :). The audit log is not always enabled by default; it seems to rely on license levels. However, there are some important things to take into consideration. You can enable […]
Azure App Consent Policies
Rik van Duijn - 11 nov 2020
OAuth consent phishing has been on the rise for a while now. Unsurprisingly, Microsoft has gradually introduced measures to protect from this type of attack. Latest: Risk-Based Step-Up Consent.
Honeytokens using Azure Keyvaults
Rik van Duijn - 15 oct 2020
In 2017 Wesley and I gave a presentation at SHA2017 about honey/pot/tokens. We actually planned on building a fully fledged platform, but never got further than the POC phase of that project. This week we got a product demo from the guys at Thinkst. I’ve always loved this way of thinking: let the attacker come […]
Detecting BEC fraud using Azure Sentinel
Rik van Duijn - 17 jun 2020
Business Email Compromise (BEC) Fraud inflicts the most damage of all types of cybercrime, according to the FBI. How to detect such attacks using Azure Sentinel? Rik shares some actual possibilities.
Phishing aftercare
Rik van Duijn - 26 may 2020
This blog is part of our Office 365 attack & defense series. We also maintain a GitHub page where we share our Office 365 tools and queries. We often get sent phishing emails by family and friends. Not to phish us but because we ask family and friends to forward them to us. Sometimes they […]
Office 365 – Exchange rules
Rik van Duijn - 13 mei 2020
This blog is part of our Office 365 attack & defense series. We also maintain a GitHub page where we share our Office 365 tools and queries. Exchange rules can be useful in managing the emails we receive on a daily basis. For example, it allows users to automatically respond or move specific emails to […]
Applied Security Research; more than just a pay-off
Rik van Duijn - 28 apr 2020
Rik describes what Applied Security Research means to him, and how we at Zolder want to put that pay-off into practice.
Windows terminal profile fun
Rik van Duijn - 24 apr 2020
Rik plays around with the preview version of Windows Terminal to find manipulation options.