The Many Ways to Roast A Network

Introduction Kerberos authentication is widely used in enterprise environments, but misconfigurations can expose vulnerabilities. Two commonly exploited attacks are Kerberoasting and AS-REP Roasting, which can be performed from any domain user or domain computer account. This blog will cover the attack methodology, demonstrate how to extract hashes using multiple tools, and discuss how to crack […]

The Easy EDR Bypass

The Power of Email Masking

In today’s digital landscape, protecting personal and corporate information is more critical than ever. One of the most effective yet often overlooked security measures is email masking. This technique can greatly enhance privacy and reduce exposure to cyber threats. Let’s explore how email masking works, why it’s important, and how individuals and businesses can benefit from it.

When Sharing is Not Caring – Using GAU to Hunt for Sensitive Data

Whether it’s Box, ShareFile, Drive, or any other cloud-hosted file sharing service, there are best practices to follow that, unfortunately, are not always followed. During a recent Open Source Intelligence engagement that we were performing, I got a little curious during my searching and wondered how severe something like sending a file without an […]

Unveiling Domain Escalation Techniques: Understanding ESC1 through ESC4

One of the hottest paths to domain compromise this year has been the presence of Active Directory Certificate Services (ADCS). Researchers William Schroeder and Lee Christensen blessed us with a well-written blog named Certified Pre-Owned in 2021 explaining how several aspects of ADCS are susceptible to multiple different vulnerabilities. Originally, these vulnerabilities were labeled […]

GoPhish Nginx Reverse Proxy for Beginners

Gophish is an open-source phishing framework that enables penetration testers to conduct simulated phishing attacks to assess the security awareness of an organization’s employees. Its user-friendly dashboard makes it easy to set up a phishing campaign and gather results that can be presented to a client. Although GoPhish is great at creating phishing simulations, it […]

Tool Tuesday: AttackForge

Welcome to the inaugural blog post for our Tool Tuesday! On the first Tuesday of each month, one of our penetration testers will share a tool or software that they use or have used that they can’t live without. Engineer: James Carroll Tool: AttackForge Website: www.attackforge.com To kick off the first Tool Tuesday post, […]

Breaking Down the CRTO and OSEP

Author: Adam Pawloski Happy New Year everyone! I’ve recently passed the exams for the Offensive Security Experienced Penetration Tester (OSEP) and Certified Red Team Operator (CRTO) certifications and wanted to share my thoughts on the courses, how they relate to day-to-day work activities and how the courses compare. OSEP Course Content The OSEP is a […]

Using BrowserStack to Virtualize Mobile API Testing

Physical devices are cool and all, but how cool would it be to create virtual mobile infrastructure and install mobile applications on it? Better yet, how cool would it be to be able to do this, and also be able to redirect all the web traffic to the proxy of your choice for manual inspection […]

Internal Pentesting Tools & Cheatsheet

I’ve had a lot of people emailing us asking for some of our common command usage for internal penetration testing engagements. This is a list from some of our internal notes that are great for beginners or administrators looking to gain some information from their own internal network. LDAPDomainDump Dumping all domain users Masscan Usage […]