Browse our blogs
We cover it all in The Security Blog. Discover what you’ve been looking for.
Real or Fake? When Your Fraud Notice Looks Like a Phish
So I Received a Phishing Email… I recently received an email indicating my credit card number had potentially been stolen and used for fraud. At this point, I…
A Career in IT: Where Do I Start?
Get started in IT/InfoSec with a clear goal, a strong work ethic, and a willingness to learn and network, leading to a rewarding and in-demand career.
Simple Data Exfiltration Through XSS
A senior pentester demonstrates an XSS data exfiltration technique, using a stored XSS vulnerability to extract sensitive data from a high-privilege user's…
PCI Specialist Art "Coop" Cooper Joins TrustedSec Team
Coop
ADExplorer on Engagements
Using ADExplorer to browse Active Directory over SOCKS with a machine account hash.
Azure Application Proxy C2
Using Azure Active Directory (AD) Application Proxy to bypass traditional egress methods and create custom inbound proxy tunnels for C2 traffic, providing…
Companies on High Alert for Unemployment Fraud
Proactive measures to thwart unemployment fraud are crucial, and TrustedSec experts recommend employer actions, employee vigilance, and threat intelligence…
BITS for Script Kiddies
Use BITS to live off the land by leveraging its file transfer, copying, and execution capabilities, allowing you to evade detection and save your tools from…
Strength Training With Transport Cryptology: Part 2
Review the latest PCI Security Standards Council (PCI-SSC) guidelines for evaluating application cipher suites and ensure compliance with version 4.0 standards…
Strength Training With Transport Cryptology: Part 1
Get expert guidance on transport security with authoritative analysis of protocols and cipher suites, helping you identify weak points and improve application…
Practicing What We Preach
Meet Martin Bos, TrustedSec's first Chief Security Officer, and Justin Elze, our first Chief Technology Officer, driving our mission to make the world a more…
More Options for Response Modification -With ResponseTinker
Modifying server responses with ResponseTinker, a flexible Ruby-based extension for Burp Suite, to inject debugging and modify JavaScript files.
Loading...