Solid security begins with knowing. Excels by doing.
Don’t Deploy Vulnerabilities
We are constantly updating and evolving our deliverables in an effort to provide more context around our security services. With that in mind we have been tracking some metrics since 2020 that allow us to see why organizations remain vulnerable to compromise. One of...
BloodHound Basics
“Hacking” isn't magic, but sometimes it is presented that way. Much of penetration testing and “hacking” is learning the tools of the trade and how they work "under the hood." In this series we hope to provide a high-level overview of common offensive tools, how they...
Exploiting the JMX Console (A slightly different path to compromise)
On a recent engagement, the client I was assessing had a relatively strong security posture. None of the old standby attacks were working. The client had disabled LLMNR and WPAD based on a previous security assessment, and all the client’s Windows machines were...