Active Directory Certificate Services (ADCS) is also known as "privilege escalation as a service." ADCS is a service provided with Active Directory that issues certificates for machines and services within a Windows environment, and ...
Welcome to the first installment of "Attacks You Should Know About!" In this series of blogs, we will cover a variety of web application attacks that are fundamental for web application penetration testers to ...
Anyone that has ever had to deal with an internal network penetration test knows the big 3 of network poisoning attacks. Those are Link Local Multicast Name Resolution (LLMNR), Network Basic Input/Output System (NetBios), ...
What are Cookies? While browsing the internet, chances are that you’ve came across pop-ups that ask if you want to allow cookies. Instead of questioning what cookies are, the average user accepts the cookies and ...
What is LSASS and why do we care about it? LSASS stands for Local Security Authority Subsystem Service. It stores passwords and password hashes of: Accounts that are logged into a Windows machine Any other ...
Bringing your own device (BYOD) is a common practice within many organizations and due to COVID-19, the adoption of BYOD has expanded. The belief that software or applications can protect data from bad actors or ...
In the last blog, we discussed the components that are used in hardware hacking, the discovery phase and how to pull information off a device leveraging a UART port and the Das U-Boot boot loader. ...
There are many devices out there that store information in different ways and unfortunately, not all of them take security into account. With the advent of the Internet of Things (IoT), device manufacturers are publishing ...
Not too long ago, while working at another company, I was subjected to a presentation by a paid speaker at our annual sales kickoff meeting. Since I was heavily focused on security consulting solutions for ...
