Browse our blogs
We cover it all in The Security Blog. Discover what you’ve been looking for.
Setting the ‘Referer’ Header Using JavaScript
Or, “I’m Sorry, You Said You’re from Where Again?” In a prior webinar on creating weaponized Cross-Site Scripting (XSS) payloads, I mentioned that XSS payloads…
Azure Account Hijacking using mimikatz’s lsadump::setntlm
Not long ago, I was on an engagement where the client made use of a hybrid Office 365 environment. In their setup, authentication credentials were managed by…
MacOS Injection via Third-Party Frameworks
Since joining the TrustedSec AETR team, I have been spending a bit of time looking at tradecraft for MacOS environments, which, unfortunately for us attackers,…
Weaponizing Group Policy Objects Access
Recently, I was on an engagement where I discovered I had plaintext credentials to an account that could modify Active Directory Group Policy Objects (GPOs).…
Making EDR Work for PCI
The Endpoint Detection & Response (EDR) and Advanced Threat Protection (ATP) marketplace is abuzz with products that blur the lines of personal firewall,…
Fuzzing the Front End!
So, who is testing the client-side components of Single Page Applications (SPAs)? What are you doing exactly, dropping a few cross-site scripting (XSS)…
SMS Phish - An Incident Walkthrough
Opener: The goal of this blog post is to provide an approach to analyzing a text-based phish link. I will primarily focus on the initial steps to properly view…
So, You Got Access to a *nix system… Now What?
Note to Reader: For simplicity, I will be referring to all Unix, Linux, and other Unix-like systems simply as *nix, unless a specific distinction needs to be…
Red Teaming With Cobalt Strike – Not So Obvious Features
Since beginning work as a red teamer almost two years ago, I've had to learn a lot of new information and tooling. I had never worked with Cobalt Strike before…
Two Simple Ways to Start Using the MITRE ATT&CK Framework
While there is a wealth of free information intended to help larger organizations use the MITRE ATT&CK™ Framework, these resources often assume that the…
Become The Malware Analyst Series: PowerShell Obfuscation Shellcode
https://youtu.be/mBbDCTEYaOY In this second installment of the "Become a Malware Analyst Series," Principal Incident Response & Research Consultant Scott…
One Size Doesn't Fit All: Penetration Testing Maturity
As the security industry continues to progress, companies are focusing on their own security programs, trying to figure out what works and what doesn't. One of…