A Holiday Tale of Two Teams: The Blue Team Barbie & Red Team Elf on the Shelf saga
Staff // Thanks to everyone for all the good ideas! We had so much fun with this, and hopefully it made you laugh as much as we did. Happy December! […]
Dungeons & Dragons, Meet Cubicles & Compromises
John Strand // Lately we’ve been running a very cool game with a few of our customers. There’s been some demand for incident response table top exercises. For the […]
Small and Medium Business Security Strategies: Part 1
Jordan Drysdale// Blurb: A few of us have discussed the stress that small and medium business proprietors and operators feel these days. We want to help stress you out even […]
WEBCAST: There and Back Again – A Pathfinder’s Tale
Matthew Toussain// Portswigger’s Burpsuite has become the tool of choice for web application penetration testers. OWASP’s Zed Attack Proxy (ZAP) not only fights in the same weight class but also […]
Performing a Physical Pentest? Bring This!
Jordan Drysdale// Physical Pentest Upcoming? Bring a Badgy. While badge reproduction may not be the intended use of this product, if you are a physical tester and you don’t own […]
Digging Deeper into Vulnerable Windows Services
Brian Fehrman // Privilege escalation is a common goal for threat actors after they have compromised a system. Having elevated permissions can allow for tasks such as: extracting local password-hashes, […]
A Morning with Cobalt Strike & Symantec
Joff Thyer // If you have been penetration testing a while, you likely have ended up in a Red Team situation or will be engaged in it soon enough. From […]
WEBCAST: Proper Active Defense and the New ACDC Active Defense Law
John Strand// In this webcast John talks about the new ACDC law and what it means exactly. There has been quite a bit of anger and great GIFs about hacking […]