Everyone wants to be ZeroCool. In the end, however, most of us are Eugene

Fellow pen testers... Do me a favour, okay?

Write your methodologies down. Even if it's just commands. This has saved my a*s countless times.

There's no shame in writing things down for reference later. It might even help your team ;)

Also, it doesn't look as awkward referencing notes as it does looking things up on Google while onsite at a client. ;)

It's really late and I need sleep. But first, here's a quick post. :)

Winston Privacy - NATing, Blocking, Privacy, What?


The nice part about so many web applications focusing solely on visual design is that so many of them forget about securing data behind the scenes. :D

Looking for more of my fellow people to follow. Need to stay current :O

Reason #10453372 to log ALL your pentest activities:

You never know when a client may ask what systems you did X on, or where Y was found specifically


Dreadsec; an infosec and pirate instance. No ads, no corporate surveillance. Sail the cyber seas! No egos, drama, or a**holes; plenty of those bilge-sucking rapscallions elsewhere.