Research that leads the way
Our forward-thinking research team (AKA the TrustedSec Research Unit) produces practical TTPs to make your program more secure.
Our research ensures that TrustedSec consultants keep up with the ever-evolving cybersecurity landscape.
We develop advanced tooling with features and capabilities not found in the commercial market.
Meet Carlos Perez, the TrustedSec Research Team Lead.
Our contributions to the community help us create a more secure world.
Because we constantly research and develop new TTPs, our archives are chock-full of ideas.
A Hitch-Hacker's Guide To DACL-Based Detections - The Addendum
This blog was co-authored by TAC Practice Lead Megan Nilsen and Andrew Schwartz. 1 Introduction: Last year, Andrew and I posted a four (4) part blog series…
Behind the Code: Assessing Public Compile-Time Obfuscators for Enhanced OPSEC
Recently, I’ve seen an uptick in interest in compile-time obfuscation of native code through the use of LLVM. Many of the base primitives used to perform these…
Russia Hacks Microsoft and the Challenges of Securing Cloud
Watch as Carlos Perez and Edwin David discuss the Midnight Blizzard hack of Microsoft and the challenges of securing cloud environments.
Tech Brief - Citrix Bleed Abused by Ransomware Crews
Welcome to our first brief on current events in the industry that TrustedSec believes our customers should know.
A Hitch-hacker's Guide to DACL-Based Detections (Part 3)
This blog series was co-authored by Security Consultant Megan Nilsen and TAC Practice Lead Andrew Schwartz. 1 Introduction: In this third and final…
A Hitch-hacker's Guide to DACL-Based Detections (Part 2)
This blog series was co-authored by Security Consultant Megan Nilsen and TAC Practice Lead Andrew Schwartz. 1 Introduction: This is a continuation of A…
A Hitch-hacker's Guide to DACL-Based Detections (Part 1B)
This blog series was co-authored by Security Consultant Megan Nilsen and TAC Practice Lead Andrew Schwartz. 1 Introduction: In this continuation to our first…
A Hitch-hacker's Guide to DACL-Based Detections (Part 1A)
This blog series was co-authored by Security Consultant Megan Nilsen and TAC Practice Lead Andrew Schwartz. 1 Introduction: If you were to collectively ask any…
Modeling Malicious Code: Hacking in 3D
Introduction: Attackers are always looking for new ways to deliver or evade detection of their malicious code, scripts, executables, and other tools that will…
Learning Sysmon - Videos 1-10
Watch "Learning Sysmon," a new video series hosted by Research Team Lead Carlos Perez on YouTube now! What is Sysmon? Installation Command Line Configuration…
Android Hacking for Beginners
1.1 Prerequisites: Set Up an Android Lab: https://www.trustedsec.com/blog/set-up-an-android-hacking-lab/; Burp Suite: https://portswigger.net/burp; DVBA…
Using RPC in BOFs
In previous blog posts, I detailed how a Windows programmer can develop against RPC and solidified why I feel Beacon Object Files (BOFs) have become cemented…
Building a toolset
We make custom tools for engagements and open-source tools for you (and the world).
Learning Sysmon YouTube series
Watch the “Learning Sysmon” video series hosted by TRU Team Lead Carlos Perez. More than 20 videos available!
Staying a step ahead
Attackers are always innovating—but so are we. TRU develops custom training and workshops on subjects not easily found elsewhere. We provide expert services and advice on advanced subjects.
Empower your business through better security design.
Talk directly with our experienced advisory consultants to learn how we can help.