• RCE over ham radio – Reverse shell via WinAPRS memory corruption bug https://www.coalfire.com/the-coalfire-blog/hacking-ham-radio-winaprs-part-5 47 comments 31/5/2022
• Coalfire Comments on Penetration Tests for Iowa Judicial Branch https://www.coalfire.com/News-and-Events/Press-Releases/Coalfire-Comments-on-Pen-Tests-for-Iowa-Judicial 73 comments 19/9/2019
• Microsoft Word Document Upload to Stored XSS: A Case Study https://www.coalfire.com/Solutions/Coalfire-Labs/The-Coalfire-LABS-Blog/may-2018/microsoft-word-document-upload-to-stored-xss 3 comments 10/5/2018
• Dude, where's my car? http://www.coalfire.com/The-Coalfire-Blog/October-2014/Dude-where-is-my-car 3 comments 5/11/2014

• RCE over ham radio - Reverse shell via WinAPRS https://www.coalfire.com/the-coalfire-blog/hacking-ham-radio-winaprs-part-5 21 comments 25/5/2022 netsec
• Burn your enemy's houses down with their 3D printer: part 3 https://www.coalfire.com/the-coalfire-blog/june-2020/iot-part3-fire 22 comments 6/7/2020 netsec
• Starting Fires by Hacking 3D Printers, pt 1 https://www.coalfire.com/the-coalfire-blog/april-2020/with-iot-common-devices-pose-new-threats 7 comments 4/4/2020 netsec
• Penn Testers Arrested https://www.coalfire.com/News-and-Events/Press-Releases/Coalfire-CEO-Tom-McAndrew-statement 196 comments 30/10/2019 sysadmin
• Introducing Slackor, a Remote Access Tool Using Slack as a C2 Channel https://www.coalfire.com/the-coalfire-blog/june-2019/introducing-slackor 16 comments 19/6/2019 netsec
• Red Team & Penetration Testing using Intel AMT: The DEATHMETAL suite https://www.coalfire.com/the-coalfire-blog/april-2019/the-death-metal-suite 25 comments 9/4/2019 netsec
• High-power hash cracking on AWS with NPK https://www.coalfire.com/the-coalfire-blog/march-2019/high-power-hash-cracking-with-npk 19 comments 21/3/2019 netsec
• How I Found CVE-2018-8819: Out-of-Band (OOB) XXE in WebCTRL https://www.coalfire.com/solutions/coalfire-labs/the-coalfire-labs-blog/june-2018/how-i-found-cve-2018-8819-out-of-band-(oob)-xxe 3 comments 13/6/2018 netsec
• PowerShell: In-Memory Injection Using CertUtil.exe https://www.coalfire.com/solutions/coalfire-labs/the-coalfire-labs-blog/may-2018/powershell-in-memory-injection-using-certutil-exe 15 comments 1/6/2018 netsec
• Exploiting an Unsecured Dell Foglight Server https://www.coalfire.com/solutions/coalfire-labs/the-coalfire-labs-blog/may-2018/exploiting-an-unsecured-dell-foglight-server 3 comments 24/5/2018 netsec
• Microsoft Word Document Upload to Stored XSS: A Case Study https://www.coalfire.com/solutions/coalfire-labs/the-coalfire-labs-blog/may-2018/microsoft-word-document-upload-to-stored-xss 6 comments 10/5/2018 netsec
• Introducing Red Baron - Automate the Creation of Resilient, Disposable, Secure, and Agile Infrastructure for Red Teams https://www.coalfire.com/solutions/coalfire-labs/the-coalfire-labs-blog/february-2018/introducing-red-baron 7 comments 8/2/2018 netsec
• Dude, where's my car? - An analysis of remote vectors for hacking automobile infotainment systems (Part 1) http://www.coalfire.com/the-coalfire-blog/october-2014/dude-where-is-my-car 8 comments 29/10/2014 netsec