SensePost

@[email protected]
478 Followers
74 Following
124 Posts
Orange Cyberdefense's SensePost Team
wwwhttps://sensepost.com/blog
twitterhttps://twitter.com/sensepost
SensePostJul 31, 2025

Reverse engineering Microsoft’s SQLCMD.exe to implement Channel Binding support for MSSQL into Impacket’s mssqlclient.py. Storytime from Aurelien (@defte_), including instructions for reproducing the test environment yourself.

https://sensepost.com/blog/2025/a-journey-implementing-channel-binding-on-mssqlclient.py/

SensePostJun 26, 2025
Adriaan was struggling to get an interactive shell on the *nix app server he had popped, so he wrote a turn-based mini binary to give you a semi-interactive shell in restrictive environments. Writeup & code are at

👇
https://sensepost.com/blog/2025/no-egress-no-shell-no-problem/
SensePostJun 11, 2025
Felipe Molina 🔵Jun 11, 2025
I was talking with someone about dependency confusion and suply chain attacks and I was confused myself with the feasibility of doing this in 2025, so I decided to take a practical aproach and create my own tool 🔨 to detect Orphan and Mispelled packages 📦: https://sensepost.com/blog/2025/depscanner-find-orphaned-packages-before-the-bad-guys-do/
SensePost | Depscanner: find orphaned packages before the bad guys do

Leaders in Information Security

SensePostJun 4, 2025
Did we mention this is all done in the cloud, giving you access to labs after Vegas madness for practise, as well as office hours with the trainers outside the course. https://chaos.social/@singe/114624961492719545
Dominic White (@[email protected])

Attached: 1 image Wifi hacking can be a useful tool, but people are out here grinding on WPA2 handshake cracking tutorials & menu driven attack tooling. When we built the 3rd and latest iteration of the wifi hacking course for #BlackHat - we did it to show what really works and how it really works. 1/7

chaos.social
SensePostJun 4, 2025
Dominic WhiteJun 4, 2025
Wifi hacking can be a useful tool, but people are out here grinding on WPA2 handshake cracking tutorials & menu driven attack tooling. When we built the 3rd and latest iteration of the wifi hacking course for #BlackHat - we did it to show what really works and how it really works. 1/7
Show threadSensePostApr 17, 2025
After identifying a mistake relating to NTLMv1 being enabled in the test environment, the blog has been updated with an errata section.
SensePostApr 17, 2025

Unsatisfied with merely relying on reFlutter to do its magic, Jacques dove deep to understand how Flutter's SSL pinning in Android works, and how to intercept it with Frida.

https://sensepost.com/blog/2025/intercepting-https-communication-in-flutter-going-full-hardcore-mode-with-frida/

SensePost | Intercepting https communication in flutter: going full hardcore mode with frida

Leaders in Information Security

SensePostApr 14, 2025

The S is for Security. How to use WinRMS as a solid NTLM relay target, and why it’s less secure than WinRM over HTTP.

writeup: https://sensepost.com/blog/2025/is-tls-more-secure-the-winrms-case./

PR to impacket:
https://github.com/fortra/impacket/pull/1947/files

SensePost | Is tls more secure? the winrms case.

Leaders in Information Security

SensePostMar 29, 2025
leonjza Mar 29, 2025

Whipped together a SOCKS5-over-any-transport feature today for the c2 & implant used in @sensepost purple teaming / emulation exercises.

Here I have a cURL request, over an ICMP channel, funnelling HTTP requests in and out via our implant :D

Fun! 😄🔥

SensePostMar 24, 2025

Dropping Teams malware via the browser’s cache - part II of Aurélien’s Browser Cache Smuggling covers his Insomni’hack talk with end to end weaponisation https://sensepost.com/blog/2025/browser-cache-smuggling-the-return-of-the-dropper/

Demo: https://youtu.be/tIveWYfYcCI

SensePost | Browser cache smuggling: the return of the dropper

Leaders in Information Security