What Is Penetration Testing?
In today’s world, security is more important than ever. As organizations increasingly rely on technology to drive business, digital threats are becoming more sophisticated, varied, and difficult to defend against. […]
Author
Adversary in the Middle (AitM): Post-Exploitation
In this video, Michael Allen discusses adversary-in-the-middle post-exploitation techniques and processes.
QEMU, MSYS2, and Emacs: Open-Source Solutions to Run Virtual Machines on Windows
As a tester, I do all my work inside a Virtual Machine (VM). Recently, I found myself in a situation where I needed to get a VM on a Windows […]
Clear, Concise, and Comprehensive: The Formula for Great SOC Tickets
A lot of emphasis and focus is put on the investigative part of SOC work, with the documentation and less glamorous side of things brushed under the rug. One such […]
DLL Hijacking – A New Spin on Proxying your Shellcode
This webcast was originally published on October 4, 2024. In this video, experts delve into the intricacies of DLL hijacking and new techniques for malicious code proxying, featuring a comprehensive […]
Blue Team, Red Team, and Purple Team: An Overview
By Erik Goldoff, Ray Van Hoose, and Max Boehner || Guest Authors This post is comprised of 3 articles that were originally published in the second edition of the InfoSec […]
Reconnaissance: Azure Cloud w/ Kevin Klingbile
This webcast was originally published on September 26, 2024. In this video, Kevin Klingbile from Black Hills Information Security discusses the intricacies of Azure Cloud services and M365, focusing on […]
Satellite Hacking
by Austin Kaiser // Intern Hacking a satellite is not a new thing. Satellites have been around since 1957. The first satellite launched was called Sputnik 1 and was launched […]
Proxying Your Way to Code Execution – A Different Take on DLL Hijacking
While DLL hijacking attacks can take on many different forms, this blog post will explore a specific type of attack called DLL proxying, providing insights into how it works, the potential risks it poses, and briefly the methodology for discovering these vulnerable DLLs, which led to the discovery of several zero-day vulnerable DLLs that Microsoft has acknowledged but opted to not fix at this time.