Browse our blogs
We cover it all in The Security Blog. Discover what you’ve been looking for.
Hardware Hacking: Plunder With a Bus Pirate
For this blog, I'm going to assume you have a Bus Pirate, you are able to access its terminal, and you are ready to use it—but what are you going to use it on?…
Offensive Lab Environments (Without the Suck)
WhatHave you ever been in an engagement where you need to test an evasive payload or technique, but you lack the time or resources to spin up a replica lab…
Content Security Policy: Mitigating Web Vulnerabilities by Controlling the Rules of the Game
Defining a Content Security Policy (CSP) for your web application can significantly harden it against XSS attacks, packet sniffing, and clickjacking, while…
A Beginner’s Guide to Mobile Application Testing
As consumers become more dependent on mobile devices, the need for application security has become more of a priority. In this blog post, I will discuss my…
The Rising Threat: A Surge in Zero-Day Exploits
IntroductionThe cat-and-mouse game between defenders and attackers continues to escalate in the ever-evolving cybersecurity landscape. Advanced Persistent…
Burrowing a Hollow in a DLL to Hide
1 Burrowing a Hollow in a DLL to Hide In this post about common malware techniques, we are still talking about hollowing—but this time, instead of hollowing…
From Zero to Purple
Learn how to create and deploy Internet Shortcut files for adversary emulation and detection engineering using Python, SMB, and WebDAV servers, a useful tool…
ProxyHelper2: The Sequel
ProxyHelper2 for Mark VII Pineapples allows device traffic to be forcibly routed into Burp Suite Proxy, intercepting traffic for Android applications.
Engagement Guide: How to Prepare for Your Purple Team
TrustedSec's Purple Team engagements prepare clients for security assessments by identifying gaps in security coverage, logging, and tooling, with offerings…
Level Up Your Reporting
Improve assessment report quality with a consistent template, clear evidence, and user-friendly annotations, enhancing collaboration and understanding among…
Detection Alchemy - The Purple Team Way
1.1 IntroductionAs security practitioners, we frequently extol the virtues of penetration testing and red team exercises as a way of identifying issues…
Regex Cheat Sheet
Master regex with Regex101, a comprehensive resource for testing and learning regex patterns, and reinforce your skills with a regex crossword puzzle.
Hardware Hacking: Plunder With a Bus Pirate
For this blog, I'm going to assume you have a Bus Pirate, you are able to access its terminal, and you are ready to use it—but what are you going to use it on?…
Offensive Lab Environments (Without the Suck)
WhatHave you ever been in an engagement where you need to test an evasive payload or technique, but you lack the time or resources to spin up a replica lab…
Content Security Policy: Mitigating Web Vulnerabilities by Controlling the Rules of the Game
Defining a Content Security Policy (CSP) for your web application can significantly harden it against XSS attacks, packet sniffing, and clickjacking, while…
A Beginner’s Guide to Mobile Application Testing
As consumers become more dependent on mobile devices, the need for application security has become more of a priority. In this blog post, I will discuss my…
The Rising Threat: A Surge in Zero-Day Exploits
IntroductionThe cat-and-mouse game between defenders and attackers continues to escalate in the ever-evolving cybersecurity landscape. Advanced Persistent…
Burrowing a Hollow in a DLL to Hide
1 Burrowing a Hollow in a DLL to Hide In this post about common malware techniques, we are still talking about hollowing—but this time, instead of hollowing…
From Zero to Purple
Learn how to create and deploy Internet Shortcut files for adversary emulation and detection engineering using Python, SMB, and WebDAV servers, a useful tool…
ProxyHelper2: The Sequel
ProxyHelper2 for Mark VII Pineapples allows device traffic to be forcibly routed into Burp Suite Proxy, intercepting traffic for Android applications.
Engagement Guide: How to Prepare for Your Purple Team
TrustedSec's Purple Team engagements prepare clients for security assessments by identifying gaps in security coverage, logging, and tooling, with offerings…
Level Up Your Reporting
Improve assessment report quality with a consistent template, clear evidence, and user-friendly annotations, enhancing collaboration and understanding among…
Detection Alchemy - The Purple Team Way
1.1 IntroductionAs security practitioners, we frequently extol the virtues of penetration testing and red team exercises as a way of identifying issues…
Regex Cheat Sheet
Master regex with Regex101, a comprehensive resource for testing and learning regex patterns, and reinforce your skills with a regex crossword puzzle.
Loading...