Quick Password Cracks and Audits

During most offensive engagements weak passwords and password reuse lead to system compromise. It is for this reason that assessing password strength on a regular basis is key for organizations to ensure that they factor this information into their overall understanding of risk. It seems that password cracking and auditing run into two major roadblocks: organizational capabilities/resources, and security concerns around compromising credentials.

Read More
Geoffrey Pamerleau
Tactics to Maneuver Inside a Network: Using Kali and SSH to Pivot through your next Pentest

Today we will be maneuvering inside a customer’s network during a penetration test. Why, because we are masochists? Yes, but also because it is a key cyber tactic you need to be the elite penetration tester you claim to be in your twitter profile.

Read More
Web Hacking with Burp Suite (Part 3: The Power of a Proxy)

Why is seeing all your web application traffic and mess with it important? A single click can generate dozens of requests in the background and submit information you never see just by browsing a site. For a typical user, this is a convenience. For a security researcher, this can't be ignored.

Read More
Ascending to Godmode - Analyzing Privilege Escalation Tactics

Don’t get enough satisfaction from your work? Do you wish for phenomenal god-like power on someone else’s network? Do you want the upper hand on your red team? Well Matt D, our in-res Tactics Guy has the fix for you. Get inside the mind of your adversary learn their privilege escalation tactics.

Read More