Looting iOS App’s Cache.db

Insecure By Default

Mobile application assessments diverge somewhat from normal web application assessments as there is an installed client application on a local device to go along with the backend server. Mobile applications can often work offline, and thus have a local store of data. This is commonly in the form of SQLite databases stored…

The post Looting iOS App’s Cache.db appeared first on TrustedSec.


The Art of Bypassing Kerberoast Detections with Orpheus

Back in May of 2018, I wrote a blog post detailing the steps I took to detect Kerberoast (T1558.003) attacks. This research allowed us to help organizations build a detection for a threat actor requesting Kerberos tickets for accounts that have a service principal name set. In this blog post, I am going to…

The post The Art of Bypassing Kerberoast Detections with Orpheus appeared first on TrustedSec.


5 Kali Linux tools you should learn how to use

Kali Linux is a specialized Linux distribution developed by Offensive Security, designed for experienced Linux users who need a customized platform for penetration testing. Kali Linux also comes with several hundred specialized tools for carrying out p…

Red, purple, or blue? When it comes to offensive security operations, it’s not just about picking one color

When people find out that I’ve spent much of my career being hired by companies to steal their secrets, they usually ask, “Are we doing enough? Do we need a red team?” The latter is not a question with a simple “yes” or “no” answer. Many companie…

Windows Processes, Nefarious Anomalies, and You: Threads

In part 1 of this blog mini-series, we looked at memory regions and analyzed them to find some potential malicious behavior. In part 2, we will do the same thing with enumerating threads. Nobody explains it better than Microsoft—here is their explanation of what a thread is: “A thread is the basic unit to which…

The post Windows Processes, Nefarious Anomalies, and You: Threads appeared first on TrustedSec.


Windows Processes, Nefarious Anomalies, and You: Memory Regions

While operating on a red team, the likelihood of an Endpoint Detection and Response (EDR) product being present on a host is far higher than it was a few years ago. When an implant is initiated on a host, whether it is on-disk or loaded into memory, there is a lot to consider. In…

The post Windows Processes, Nefarious Anomalies, and You: Memory Regions appeared first on TrustedSec.


How to Get the Most Out of Your Pentest

TL;DR Define the goal of an assessment. Take time to choose the right assessment type. The more detail you give about an asset, the better quality your report will be. Select the right environment for the assessment. Consider the timing for performing the assessment. Communicate internally and make sure everyone is up to speed. Do…

The post How to Get the Most Out of Your Pentest appeared first on TrustedSec.


Ghostwriter: Open-source project management platform for pentesters

In this Help Net Security video, Christopher Maddalena, Director of Internal and Community Product at SpecterOps, showcases Ghostwriter, which helps you manage clients, projects, reports, and infrastructure in one application. The tool does not replace…

LastPass in Memory Exposure

In this video, our Principal Research Analyst Scott Nusbaum goes over his research on the LastPass password manager. He discusses how credentials are exposed in memory to an attacker who is present on the host and able to access the browser process. He also goes over how LastPass could modify their extension to…

The post LastPass in Memory Exposure appeared first on TrustedSec.
