Resources

Video

Why Pen Testing is Essential in Today’s Threat Landscape

As cyber-attacks continue to be disturbingly common, penetration tests have become increasingly important. These valuable assessments, performed using either in-house personnel or third-party service vendors, exploit vulnerabilities to determine the security stance of an IT environment. In fact, according to the 2024 Penetration Testing Survey, 83% of respondents run pen tests at least 1-2 times a...
Video

Getting Inside the Mind of an Attacker: After the Breach - Next Steps After Compromising Active Directory

Unfortunately, the reality of cybersecurity is that attackers will sometimes succeed in breaching an IT environment. Accepting this probability allows you to focus on learning how to detect a breach and manage such attacks. Cybersecurity expert Julio Sanchez demonstrates approaches threat actors may take in an attempt to gain persistence after compromising Active Directory. Learn how each...
Article

Analysis of CVE-2021-26897 DNS Server RCE

CVE-2021-26897 is a DNS server RCE vulnerability that is triggered when many consecutive Signature RR Dynamic Updates are sent. This vulnerability is an OOB write on the heap when combining the many consecutive Signature RR Dynamic Updates into base64-encoded strings before writing to the Zone file. According to Microsoft, systems are only vulnerable if a DNS server had dynamic updates enabled....
Article

How to Build a USB Drop Attack

Dropped USB flash drives are still an effective means of getting into networks. The goal of this post is to give you a bit of a hands-on lab and show you some tricks for actually conducting USB drop attacks, including how to prepare the payload using Core Impact. USB drop attacks are a bit of a performance art form. You need to build an enticing story that’ll make the discoverers of the drop, whom...
Article

Reversing & Exploiting with Free Tools: Part 8

In part 7, we solved ABO2 in GHIDRA. In this part, we’ll use IDA FREE to solve ABO3. As is the case with all of the ABOS, the goal is to run the calculator or some other executable that we want. First, open ABO3 in IDA FREE to analyze it. Searching for the PDB in the symbol server could produce the...
Datasheet

Offensive Security - Advanced Bundle

Core Impact and Cobalt Strike represent two distinct, yet complementary approaches to security assessment. Core Impact is an automated pen testing tool that focuses on initial access and security validation, while Cobalt Strike specializes in advanced post-exploitation techniques for red team operations. In addition to functioning independently, security teams can benefit from both platform...
Blog

Role-Based Access Control: Why It Delivers a Modern Approach for Managing Access

Relying on outdated methods to manage user access is both a constant struggle and a persistent risk to your business. Manually keeping track of users and entitlements is costly, time-consuming, and daunting. But with a modern role-based approach, you can embrace a smarter, simpler, more secure way to manage user access. In this blog, we will define role-based access control (RBAC), explore why it...
Article

How to Deal with Microsoft Monthly Updates to Reverse Engineer Binary Patches

The new format of Microsoft monthly updates has proven challenging to reverse engineer. We’ve figured out a workaround that we hope will be helpful. In the original format, the Microsoft updates have always included the full files to patch, and from there it’s relatively straightforward to work on reversing and diffing through only extracting, without installing the patch. Sometimes the patch...
Blog

Penetration Testing Frequency: How Often Should You Test?

Penetration testing has become an increasingly standard exercise, with organizations using either pen testing services or in-house teams to uncover weaknesses and assess their security posture. Many businesses want to stay proactive about securing their IT environment and find that pen testing helps them stay compliant and prove adherence to regulations or industry best practices. According to the...
Article

Core Impact 2017 versus Metasploit: the Shootout Comparison

Core Impact 2017 R1 and Metasploit Pro are tools used to create multi-staged, real-world attacks to test enterprise security defenses. Organizations need improved visibility into the holes in their enterprise network defenses. Pen Testing tools allow an organization to evaluate their ability to detect, prevent, and respond to attacks using multi-staged, real-world attacks. Both Core Impact...
Blog

3 Reasons You Should Be Using SIEM

Security Information and Event Management (SIEM) solutions have been around for years, helping to identify and escalate critical security events. SIEM solutions have become integral to many organizations’ security portfolios. In fact, according to the 2021 SIEM Report by Cybersecurity Insiders, 74 percent of respondents ranked SIEM as very to extremely important to their organization’s security...
Article

Understanding the Evolution of Ransomware

Ransomware, as an active variant of current malware, has undoubtedly undergone a series of changes that have allowed cyber criminals to expand the horizons of clandestine business. In order to try to understand the different "forms" ransomware has presented over time, this article will show the evolutionary line of this latent threat in a compact and concrete way. Ultimately, it aims to...
Video

Prioritizing Pen Testing: 2021 Survey Results Revealed

The global chaos of last year was also seen in the digital world, as cyber attackers were seemingly relentless in their efforts. Such activity underscores the importance of penetration testing to assess and test security vulnerabilities, which allow you to better evaluate risk and be ready to detect, prevent and respond to threats as they happen. Though pen tests continue to become a required part...
Blog

How to Pen Test Against Orphaned and Privileged Accounts

The more pen-tests I do, the more I see that despite how every organization claims that they’re different, I see the same commonalities with how things are being managed inside the network. One of those commonalities that I see tends to vastly improve my odds of persistence and avoiding detection: how an organization handles orphaned accounts and service accounts. Let’s talk about a little theory...
Article

Simple DNS Redirectors for Cobalt Strike

Authored by: Ernesto Alvarez, Senior Security Consultant, Security Consulting Services. This article describes techniques used for creating UDP redirectors for protecting Cobalt Strike team servers. This is one of the recommended mechanisms for hiding Cobalt Strike team servers and involves adding different points which a Beacon can contact for instructions when using the HTTP channel. Unlike HTTP...
Video

The Evolution of SIEM: 2021 Survey Results Revealed

The commotion and upheaval of 2020 still has everyone seeking steadier ground, and security teams are no exception. But with seemingly relentless attacks and increasingly complex threats, is such stability just a pipe dream? Can well established safeguards like Security Information and Event Management (SIEM) solutions still be relied upon? In this webinar, cybersecurity experts Bob Erdman and...
Article

Exploiting Citrix Application Delivery Controller (ADC) and Gateway CVE-2019-19781 with Core Impact

A Core Impact module was released on January 14, 2020 to exploit an as-yet unpatched path traversal flaw in Citrix Application Delivery Controller (ADC) and Gateway (formerly known as NetScaler ADC & NetScaler Gateway) identified as CVE-2019-19781. This critical vulnerability is a path traversal bug that can be exploited over the internet by an attacker. It can be exploited to remotely execute...