Browse our blogs
We cover it all in The Security Blog. Discover what you’ve been looking for.

Oh, Behave! Figuring Out User Behavior
To understand Windows user behavior without triggering EDRs, Oddvar Moe explores Windows Timeline data stored in a SQLite database, providing valuable insights…

ADExplorer on Engagements
Using ADExplorer to browse Active Directory over SOCKS with a machine account hash.

4 Free Easy Wins That Make Red Teams Harder
Boost Windows security with easy wins: disable macros, extensions, local admin access, and protect LSASS, making it harder for attackers to succeed.

Red Teaming With Cobalt Strike – Not So Obvious Features
Oddvar Moe shares his Cobalt Strike experiences, covering GUI tips, web log usage, Sync Files, profiles, and more, to help improve skills in becoming a better…

Microsoft MVP Awards 2020
Oddvar Moe and Carlos Perez, TrustedSec team members, recognized as Microsoft MVPs for multiple years, sharing their expertise with the community.

Breaking Typical Windows Hardening Implementations
Break typical Windows hardening configurations by bypassing restrictions on command prompt and registry editing tools, and exploiting Group Policy Preferences…

Wanted: Process Command Lines
Learn how to find and log process command line parameters on a Windows setup to enhance your Red Teamer skills and remain undetected.

Finding a Privilege Escalation in the Intel Trusted Connect Service Client
Exploiting a Windows vulnerability allows a standard user to create a new administrator user, demonstrating the power of privilege escalation in Windows.

Playing With Old Hacks
Recently, I was prepping for a session and wanted to show the old hack where you boot into a Windows setup using a USB stick and change out the utilman.exe…

Discovering the Anti-Virus Signature and Bypassing It
Windows Defender blocks the Regsvr32 attack with the signature looking for the combination of http and scrobj.dll, but bypass techniques include renaming,…

Next Gen Phishing - Leveraging Azure Information Protection
Using Azure Information Protection (AIP) to evade phishing detection, attackers can protect attachments and emails with encryption and custom permissions,…

Local Admin Access and Group Policy Don’t Mix
Having spent a career working with Group Policies, I thought now might be a good time to give an overview of it and I felt like doing a little writeup about…
