Nmap SMTP User Enumeration or How ChatGPT Helps Our Work

2025-03-17
Some time ago, I wanted to refresh and expand my knowledge of penetration testing. For this purpose, I started taking courses on Hack The Box. Everything went smoothly until the moment I needed to perform SMTP user enumeration. But this story isn’t so much about the enumeration itself—it’s about how ChatGPT helps us fix the tools we use in our challenging work. Introduction The task seemed straightforward: I had a list of usernames, and I needed to determine which ones existed on an SMTP server. Continue reading

Adventures in Agentic AI Simulation Land

2025-03-11

(Or, How We Learned to Stop Worrying and Love the Cloud)

Have you ever wondered how a cloud-based, multi-agent AI service handles a flurry of incoming user requests without spontaneously combusting? Well, wonder no more! In this blog post, we’ll embark on a fun, light-hearted journey through a simulation that tests just how gracefully an AI agentic system (think: a set of AI agents working together) scales, splits, and handles all sorts of query traffic. We’ll talk about our framework, assumptions, code, and results—complete with a snazzy chart to show off our data.

Continue reading

Visualizing Azure Networking using D3js

2024-04-29

A picture worth a thousand words. When you work with a complex networking infrastructure, it would be great to have a bird’s-eye view of it. In this article, I want to discuss how this can be achieved using PowerShell, Jupyter notebooks, and d3js

Continue reading

Continuing the Conversation on Jupyter and PowerShell

2023-10-30

Let’s dive a little deeper into the Jupyter-PowerShell duo. First, we’ll try to uncover the ‘why’ behind this alliance. Next, we’ll pry into the ‘how’ of the operation. And finally, we’ll unveil the secrets of crafting a notebook and launching it into the digital cosmos for your team or, who knows, the whole world to see. Ready? Set. Go!

Continue reading

Do we always need to follow CAF recommendations?

2023-10-12

In the journey of infrastructure creation within Azure, many organizations lean towards crafting complex hub-and-spoke topologies to host their applications, even when the necessity for such complexity isn’t apparent. A common justification echoes: “It’s mandated by the Microsoft Cloud Adoption Framework (CAF)”. However, embarking on this path unfolds a myriad of related, albeit previously unexplored, domains. For instance, the newfound need to manage IP spaces, delve into VLSM subnetting - topics unfamiliar to most Dev teams. Once networked, the quest doesn’t end; it merely morphs into challenges like private DNS resolution, establishing access to internal resources, and the list trails on.

Yet, if we pause to reflect, many Azure services including Azure Web Apps were designed with a public persona. Initially, some didn’t even entertain VNET integration, and this model was well-accepted.

In this article, we aim to traverse a less convoluted route towards securely hosting Web Apps, whilst sidestepping the network-centric hurdles.

Continue reading
Older posts