Research that leads the way
Our forward-thinking research team (AKA the TrustedSec Research Unit) produces practical TTPs to make your program more secure.

Our research ensures that TrustedSec consultants keep up with the ever-evolving cybersecurity landscape.
We develop advanced tooling with features and capabilities not found in the commercial market.
Meet Christopher Paschen, the TrustedSec Research Team Lead.


Our contributions to the community help us create a more secure world.
Because we constantly research and develop new TTPs, our archives are chock-full of ideas.
A Hitch-hacker's Guide to DACL-Based Detections (Part 2)
This blog series was co-authored by Security Consultant Megan Nilsen and TAC Practice Lead Andrew Schwartz. 1 Introduction: This is a continuation of A…
A Hitch-hacker's Guide to DACL-Based Detections (Part 1B)
Detecting Windows SACL…
A Hitch-hacker's Guide to DACL-Based Detections (Part 1A)
blue team
Modeling Malicious Code: Hacking in 3D
This blog post reveals how attackers can exploit the .3mf file format to smuggle malicious code into an environment, bypassing off-the-shelf detection…
Learning Sysmon - Videos 1-10
Unlock our proprietary system with our custom groups allocation, designed for efficient and secure resource management, ensuring seamless scalability and high…
Using RPC in BOFs
Converting Windows RPC to Beacon Object Files for a flexible and secure payload.
Disabling AV With Process Suspension
Suspend Windows Defender to bypass Mimikatz, but be aware of system instability and potential security gaps, as this technique can be exploited by attackers.
Situational Awareness BOFs for Script Kiddies
What are Binary Object Files (BOFs), and how do they support post-exploitation operations in memory, offering increased OPSEC and a smaller footprint?
Critical Outlook Vulnerability: In-Depth Technical Analysis and Recommendations (CVE-2023-23397)
Protect your organization from the Microsoft Outlook CVE-2023-23397 vulnerability with expert guidance and a simple remediation script.
Shells in Plain Sight - Storing Payloads in the Cloud
THIS POST WAS WRITTEN BY @NYXGEEK. I stumbled upon an old side project the other day -- it was a tool to get payloads through web content filters by hiding…
Changes in the Beacon Object File Landscape
Understanding the power and limitations of Beacon Object Files (BOFs) in the context of Cobalt Strike, COFFLoader, and other frameworks, as a tool for…
RPC Programming for the Aspiring Windows Developer
Write a Windows developer's guide to programming Windows Remote Procedure Call (RPC) calls, exploring its implementation, advantages, and required setup,…
Building a toolset
We make custom tools for engagements and open-source tools for you (and the world).
Learning Sysmon YouTube series
Watch the “Learning Sysmon” video series created by Director of Security Intelligence Carlos Perez. More than 20 videos available!
Staying a step ahead
Attackers are always innovating—but so are we. TRU develops custom training and workshops on subjects not easily found elsewhere. We provide expert services and advice on advanced subjects.

Empower your business through better security design.
Talk directly with our experienced advisory consultants to learn how we can help.
