NetSPI Blog

Kevin Robertson

Kevin Robertson holds a BS in Computing Security and Technology from Drexel University. Kevin has spent 20 years in IT with the last 5 years focused on penetration testing and tool development.

Kevin Robertson
September 25th, 2018

Inveigh – What’s New in Version 1.4

Ugh, I can’t believe it’s been a year and a half since the last release of Inveigh. I had intended to complete a new version back in March. At that time, my goals were to perform some refactoring, incorporate dynamic DNS updates, and add the ability to work with shares through NTLM challenge/response relay. In […]

Kevin Robertson
July 10th, 2018

Beyond LLMNR/NBNS Spoofing – Exploiting Active Directory-Integrated DNS

Exploiting weaknesses in name resolution protocols is a common technique for performing man-in-the-middle (MITM) attacks. Two particularly vulnerable name resolution protocols are Link-Local Multicast Name Resolution (LLMNR) and NetBIOS Name Service (NBNS). Attackers leverage both of these protocols to respond to requests that fail to be answered through higher priority resolution methods, such as DNS. […]