Cyber Security Awareness and Vulnerabilities Blog

RSS

We all know that there are clear problems in the industry when it comes to role design and entitlement certification. Problems like: Lack of visibility: Most entitlements and user access logs are kept in spreadsheets, whether on their machine or in an online tool,…

Read More

RSA2018 SF Map v-1200px.png

Are you hitting the road and heading to RSA 2018 in San Francisco this April? We know this event is huge and it can be a tad bit overwhelming trying to start a conversation with perfect strangers. So we’re here to help. We’ve…

Read More

Securing Enterprise Business Applications such as SAP systems poses a large set of challenges. Most companies have been passing through and maturing on how to adopt cryptography and encryption on these systems. However, this opens the door for new challenges. The protection of…

Read More

Today we're sharing how to use the customizable reports functionality available in Core Impact. In order to generate such agents, we'll use the "Network Report Generation" wizard. From the list of available reports, filter for type "spreadsheet" and select "Network Host Report". When clicking on "Duplicate"…

Read More

  It is our mission to continue to produce the most effective and efficient security products and services on the market. Today, I am happy to announce the release of Core Impact 18.1, our market leading penetration testing solution – where we put the…

Read More

The next set of features shown in this quick video demonstrates the PowerShell integration that's available on Windows agents. The first step is to use the "Get installed PowerShell version" in order to verify that the target system has the proper PowerShell environment ready to…

Read More

We all hate passwords. Either you can't remember them, or you re-use the same one over and over to avoid forgetting it. Trying to come up with new passwords is a never-ending battle against human memory versus the potential for someone to guess the…

Read More

In this demo, you'll learn how to leverage the already installed PCAP-enabled agent from last week in order to establish a remote interface on the restricted internal network. After searching for the "Remote Network Interface" module, drop it under the agent. Then, select the interface on…

Read More

In this quick video, we show how the PCAP plugin can be installed and used in order to quickly and efficiently improve the speed of information gathering tasks. Since installing the PCAP plugin requires administrative privileges, we'll begin by running a local escalation module. For this…

Read More

  In this video, we show how to set up a temporal agent using the DNS communication channel. In order to mimic a client-side attack against a victim inside our restricted network, we'll use the "Server Agent in Web Server" module. After selecting the proper architecture,…

Read More