June 13, 2019
Modern Red Team Infrastructure
There’s been a lot of talk recently regarding modern strategies for red team infrastructure. The…
Read More
October 4, 2018
Introducing the Red Team Toolkit
We are excited to introduce the Red Team Toolkit! The Red Team Toolkit (RTT) is…
Read More
September 10, 2018
An Approach to Bypassing Mail Filters
TLDR By "nulling" the first one or two bytes of a docm file, some spam…
Read More
June 26, 2018
ESPKey + Long Range RFID Reader = A New Tastic Thief
There have been plenty of blog posts, and security conference talks about building long-range RFID…
Read More
March 9, 2018
CAPTCHAs Done Right?
Web App assessments are probably one of the most popular penetration tests performed today. These are…
Read More
February 12, 2018
Weaponizing self-xss
Maybe you're a web app pentester who gets frustrated with finding self-xss on sites you…
Read More
February 6, 2018
Windows Events, Sysmon and Elk…oh my!
Overview While assisting customers in collaborative red and blue team assessments, we are often asked…
Read More
January 22, 2018
Insecurity Through Obscurity
Web App assessments are probably one of the most popular penetration tests performed today. These are…
Read More
August 23, 2017
sRDI – Shellcode Reflective DLL Injection
During our first offering of "Dark Side Ops II - Adversary Simulation" at Black Hat…
Read More
August 17, 2017
XSS Using Active Directory Automatic Provisioning
We recently tested a web application that had implemented Azure Active Directory automatic provisioning through…
Read More