Defense
March 12, 2018

Windows Events, Sysmon and Elk…oh my! (Part 2)

Overview In the previous post we walked through on how to setup an ELK instance…
Read More
Penetration Testing
March 9, 2018

CAPTCHAs Done Right?

Web App assessments are probably one of the most popular penetration tests performed today. These are…
Read More
Uncategorized
February 12, 2018

Weaponizing self-xss

Maybe you're a web app pentester who gets frustrated with finding self-xss on sites you…
Read More
DefensePenetration Testing
February 6, 2018

Windows Events, Sysmon and Elk…oh my!

Overview While assisting customers in collaborative red and blue team assessments, we are often asked…
Read More
Penetration Testing
January 22, 2018

Insecurity Through Obscurity

Web App assessments are probably one of the most popular penetration tests performed today. These are…
Read More
CodePenetration Testing
August 23, 2017

sRDI – Shellcode Reflective DLL Injection

During our first offering of "Dark Side Ops II - Adversary Simulation" at Black Hat…
Read More
Penetration TestingWeb
August 17, 2017

XSS Using Active Directory Automatic Provisioning

We recently tested a web application that had implemented Azure Active Directory automatic provisioning through…
Read More
Penetration Testing
January 30, 2017

Username Discovery

Web App assessments are probably one of the most popular penetration tests performed today. These are…
Read More
Penetration Testing
January 23, 2017

Login Portal Security 101

Web App assessments are probably one of the most popular penetration tests performed today. These are…
Read More
Penetration Testing
January 27, 2016

Throwback Thursday – A Guide to Configuring Throwback

It's not Thursday, but today we're going back to DEF CON 22 where we released…
Read More