TLDR Use --immediate-mode* **, e.g. tcpdump --immediate-mode -w out.pcap And then use Ctrl+C to stop tcpdump whenever you feel like it, without fear of data loss. * --packet_buffered should do the trick but is not present in older versions of tcpdump; see below. ** But if you’re just printing to the console (that is, not using -w to save to a file), then the non-lossy behavior will be enabled by default, so no need to use these options.

Today I learned about SYSVOL, Groups.xml, and how it can contain admin passwords (in an insecure configuration). Long story short, if you gain access to a SYSVOL share, poke around and check for Groups.xml and its cpassword field (or any file with cpassword). Decrypting the password is easy with gpp-decrypt (see also a more modern and slick gpp-decrypt in Python). And my favorite tidbit was finding xq, “jq for XML” — a slick tool for grabbing values out of an XML file.

In an effort to achieve platform independence, I am reposting popular blog posts from years ago. Adjust accordingly, and enjoy! Originally posted on Medium, 2016-02-10. A few months ago, I started looking at fuzzing tools. Finding a decent open source tool to use was more trouble than I expected, so I decided to write about it here. tl;dr I went with Sulley because it is open source and much more usable than Peach.