Welcome.
Shall we play a game?

If you are looking for my old blog, it is still at https://blog.m0noc.com/

Recent Posts

  • Insiders, Homeworking and Split-VPN
    As an adversary it is useful to establish a base of operations from within the target network that is not controlled by the target organisation. This avoids the need to circumvent various EDR/AV solutions that could not only block our actions, but worse, expose us to the target. Homeworking solutions can offer malicious insiders a … Read more
  • Lets Encrypt Inside
    For the first blog on this new site I wanted to talk about a simple technique to get LetsEncrypt certificates for internal devices (those not exposed to incoming Internet connections). Some may ask why do this – isn’t it exposing information about your internal network to the outside world. Well, yes. However, I want to … Read more