
Research that leads the way

Our forward-thinking research team (AKA the TrustedSec Research Unit) produces practical TTPs to make your program more secure.

Our mission

Our research ensures that TrustedSec consultants keep up with the ever-evolving cybersecurity landscape.

We develop advanced tooling with features and capabilities not found in the commercial market.

TrustedSec Research Unit (TRU) highlight

Meet Christopher Paschen, the TrustedSec Research Team Lead.

Christopher has worked in Information Security in both the private and public sectors for more than 10 years. He manages research direction and contributes to our internal implant and payload generation systems.

Our contributions to the community help us create a more secure world.

Because we constantly research and develop new TTPs, our archives are chock-full of ideas.

Blog March 11 2025

Abusing Windows Built-in VPN Providers

Some interesting things happen when you connect to a virtual private network (VPN). One that recently caught my interest is updates to the routing table.…

Blog February 20 2025

Exploring NTDS.dit – Part 1: Cracking the Surface with DIT Explorer

NTDS.dit is the file housing the data for Windows Active Directory (AD). In this blog post, I’ll be diving into how the file is organized. I’ll also be walking…

Blog October 29 2024

Android Hacking for Beginners

Bypass Android security measures to access sensitive data and transfer funds with this step-by-step guide to exploiting vulnerabilities in the Damn Vulnerable…

Blog June 04 2024

Introducing The Shelf

The Shelf

Blog May 14 2024

Introducing Meta-Detector

In this blog post, I’m going to discuss a new Open-Source Intelligence (OSINT) tool I created to assist with collecting information about target organizations…

Blog May 02 2024

XZ Utils Made Me Paranoid

Identify XZ Utils backdoors by parsing ELF binaries, identifying function hooks, and comparing memory sections in real-time, using tools like ptrace and…

Blog April 30 2024

The Midnight Alert: Navigating the Dark Web Data Dilemma

In the dead of night, an ominous message hits your inbox: "Your company's sensitive data is for sale on the dark web." As the Chief Information Security…

Blog April 09 2024

A Hitch-Hacker's Guide To DACL-Based Detections - The Addendum

This blog was co-authored by TAC Practice Lead Megan Nilsen and Andrew Schwartz. Introduction: Last year, Andrew and I posted a four (4) part blog series…

Blog March 05 2024

Behind the Code: Assessing Public Compile-Time Obfuscators for Enhanced OPSEC

LLVM obfuscation passes show minimal impact on native executable detection rates, with some exceptions.

Research January 25 2024

Russia Hacks Microsoft and the Challenges of Securing Cloud

Watch as Carlos Perez and Edwin David discuss the Midnight Blizzard hack of Microsoft and the challenges of securing cloud environments.

Blog December 12 2023

Tech Brief - Citrix Bleed Abused by Ransomware Crews

Protect against Citrix Bleed ransomware attacks with our expert guidance on identifying vulnerabilities, developing detections, and improving incident response…

Blog October 17 2023

A Hitch-hacker's Guide to DACL-Based Detections (Part 3)

Configuring a SACL to prevent unauthorized changes to Active Directory attributes, enabling auditing and monitoring for potential attacks, and detecting…

Research highlight

Learning Sysmon YouTube series

Watch the “Learning Sysmon” video series created by Director of Security Intelligence Carlos Perez. More than 20 videos available!

Staying a step ahead

Attackers are always innovating—but so are we. TRU develops custom training and workshops on subjects not easily found elsewhere. We provide expert services and advice on advanced subjects.

Empower your business through better security design.

Talk directly with our experienced advisory consultants to learn how we can help.