PaperMtn

Lil Pwny Rides Again: Streamline Your Active Directory Password Audits with the New 3.2.0 Update

By PaperMtn August 14, 2024Lil Pwnylil-pwny, password audit

I'm excited to announce the release of Lil Pwny 3.2.0, featuring powerful new enhancements to the Active Directory password auditing tool. This update brings significant improvements and new features. Following…

Slack Watchman Version 4.0.0 Release

By PaperMtn May 11, 2023Slack Watchman, Toolsslack, Slack Watchman

The new version 4.0.0 release of Slack Watchman contains some major upgrades and new features: Centralised signatures The biggest upgrade, in terms of maintenance, to Slack Watchman is the move…

Probing Slack Workspaces for Authentication Information and other Treats

By PaperMtn September 27, 2024Slack Watchman, Tradecraftslack, Slack Watchman1 Comment

Did you know that Slack provides some surprising information about a workspace to unauthenticated callers? Slack Watchman knows, and in this post I’m going to show you the information you…

Generating a Rich Custom Wordlist to use with Lil Pwny

By PaperMtn August 14, 2024Lil Pwny, Tradecraftactive directory, lil-pwny, password audit

As the number of data breaches continue to rise, safeguarding your Active Directory (AD) passwords from compromise is more important than ever. Lil-Pwny not only allows you to audit your…

Secrets Management – Managing Environment Variables with Direnv

By PaperMtn July 16, 2024Tradecraftapplication development, direnv, secrets management

Many of my tools, such as GitLab Watchman, are designed to find secrets hardcoded or added as files to code repositories. Handling secrets this way is a bad idea for…

Stack Overflow Watchman – Discovering Secrets in Stack Overflow Enterprise for Teams Sites

By PaperMtn May 6, 2024Stack Overflow Watchman, ToolsStack Overflow, Watchman

Stack Overflow Watchman After a break, where my attention has been focused elsewhere, I've been drawn back to one of my first loves, exposed secrets detection. The result is a…

TryHackMe: Squid Game – Attacker 5

By PaperMtn July 25, 2023TryHackMe WriteupsSquid Game, TryHackMe

This series of write-ups is for the TryHackMe Room Squid Game, which you can access here: https://tryhackme.com/room/squidgameroom. This time we're looking at the last task - Attacker 5 We will…

TryHackMe: Squid Game – Attacker 4

By PaperMtn July 11, 2023TryHackMe WriteupsSquid Game, TryHackMe

This series of write-ups is for the TryHackMe Room Squid Game, which you can access here: https://tryhackme.com/room/squidgameroom. This time we're looking at Task 5 - Attacker 4 For this task…

TryHackMe: Squid Game – Attacker 3

By PaperMtn July 11, 2023TryHackMe WriteupsSquid Game, TryHackMe

This series of write-ups is for the TryHackMe Room Squid Game, which you can access here: https://tryhackme.com/room/squidgameroom.This time we're looking at Task 4 - Attacker 3 In this task we…

TryHackMe: Squid Game – Attacker 2

By PaperMtn July 11, 2023TryHackMe WriteupsSquid Game, TryHackMe

This series of write-ups is for the TryHackMe Room Squid Game, which you can access here: https://tryhackme.com/room/squidgameroom. This time we're looking at Task 3 - Attacker 2 In this task,…

TryHackMe: Squid Game – Attacker 1

By PaperMtn July 11, 2023TryHackMe WriteupsSquid Game, TryHackMe

This series of write-ups is for the TryHackMe Room Squid Game, which you can access here: https://tryhackme.com/room/squidgameroom. This challenge room is one of the few intended for blue teams on…