Resources

Blog

Network Monitoring and Identity Governance: How They Work Together to Enhance Your Security Posture

It’s no secret that keeping track of who has access to what in your organization has grown more complicated during the last year. Companies today are especially vulnerable because they often lack full visibility into the actual access levels employees possess and may not have the full picture of devices across their network infrastructure. Managing devices and user access is made even more...
Video

Bolstering Identity and Access Management within the Business: Critical Insights for Success

Identity-related access risks continue to present an ongoing threat to organizations today. In response, many companies have prioritized managing user access as an essential part of their cybersecurity strategy to strengthen their overall security posture. Yet despite their focus, a large majority of organizations still lack confidence in the effectiveness of their identity and access management...
Blog

An Even Better Way to Pen Test: New Features in Core Impact 21.1

The latest release of Core Impact has arrived! Version 21.1 demonstrates our commitment to allowing users to conduct advanced penetration tests effortlessly and efficiently. This release includes new features focused on increased visibility and ease of use, along with a simplified update process. 1. Attack Map Core Impact’s testing capabilities enable organizations to get a comprehensive picture...
Blog

Getting Inside the Mind of an Attacker: After the Breach - Achieving Persistence with Golden and Silver Tickets

In the first Inside the Mind of an Attacker series, we walked through scenarios of potential attacks on Active Directory, as well as techniques on how to identify and avoid breaches. In this series, we’ll transition to what happens after a successful compromise of Active Directory, in which an attacker attempts to gain persistence after the initial breach. We’ll discuss several different types of...
Blog

4 Best Practices for Patch Management

As data breaches continue to dominate the headlines, suggestions for enhancing your cybersecurity stance are everywhere. While much of this advice may be worth following, it’s often complicated, entailing multi-step processes or requiring expert intervention. However, before you start exploring advanced options, it’s important to begin with the basics. When it comes to cybersecurity, the simplest...
Article

Reversing & Exploiting with Free Tools: Part 9

In part 8, we solved ABO3 using IDA FREE. In this part, we’ll use Radare to solve ABO4. Updating Radare and Cutter First, we’ll need to update to the new version of Cutter, the Radare GUI. A pop-up will prompt us to update whenever there is a new version: Click DOWNLOAD and once complete, we’ll unzip the file to execute the cutter.exe and verify that...
Guide

2021 Malware Report

During Tumultuous Times, Malware Threats Thrive The past year was full of upheaval in many different ways, and the cybersecurity world was no exception. Malware continued to wreak havoc, perhaps even more so than usual. The silver lining is that much can be learned from these experiences and analyzed to better bolster against attacks. In this report from Cybersecurity Insiders, sponsored by Fortra...
Video

Why Pen Testing is Essential in Today’s Threat Landscape

As cyber-attacks continue to be disturbingly common, penetration tests have become increasingly important. These valuable assessments, performed using either in-house personnel or third-party service vendors, exploit vulnerabilities to determine the security stance of an IT environment. In fact, according to the 2024 Penetration Testing Survey, 83% of respondents run pen tests at least 1-2 times a...
Video

Getting Inside the Mind of an Attacker: After the Breach - Next Steps After Compromising Active Directory

Unfortunately, the reality of cybersecurity is that attackers will sometimes succeed in breaching an IT environment. Accepting this probability allows you to focus on learning how to detect a breach and manage such attacks. Cybersecurity expert Julio Sanchez demonstrates approaches threat actors may take in an attempt to gain persistence after compromising Active Directory. Learn how each...
Article

Analysis of CVE-2021-26897 DNS Server RCE

CVE-2021-26897 is a DNS server RCE vulnerability, and is triggered when many consecutive Signature RRs Dynamic Updates are sent. This vulnerability is an OOB write on the heap when combining the many consecutive Signature RR Dynamic Updates into base64-encoded strings before writing to the Zone file. According to Microsoft, systems are only vulnerable if a DNS server had dynamic updates enabled....
Article

How to Build a USB Drop Attack

Dropped USB flash drives are still effective means for getting into networks. The goal of this post is to give you a bit of a hands on lab and show you some tricks for actually conducting USB drop attacks, including how to prepare the payload using Core Impact. USB drop attacks are a bit of a performance art form. You need to build an enticing story that’ll make the discoverers of the drop, whom...
Article

Reversing & Exploiting with Free Tools: Part 8

In part 7, we solved ABO2 in GHIDRA. In this part, we’ll use IDA FREE to solve ABO3. As is the case with all of the ABOS, the goal is to run the calculator or some other executable that we want. First, open ABO3 in IDA FREE to analyze it. Searching for the PDB in the symbol server could produce the...
Datasheet

Offensive Security - Advanced Bundle

Core Impact and Cobalt Strike represent two distinct, yet complementary approaches to security assessment. Core Impact is an automated pen testing tool that focuses on initial access and security validation, while Cobalt Strike specializes in advanced post-exploitation techniques for red team operations. In additional to functioning independently, security teams can benefit from both platform...
Blog

Role-Based Access Control: Why It Delivers a Modern Approach for Managing Access

Relying on outdated methods to manage user access is both a constant struggle and a persistent risk to your business. Manually keeping track of users and entitlements is costly, time-consuming, and daunting. But with a modern role-based approach, you can embrace a smarter, simpler, more secure way to manage user access. In this blog, we will define role-based access control (RBAC), explore why it...
Article

How to Deal with Microsoft Monthly Updates to Reverse Engineer Binary Patches

The new format of Microsoft monthly updates have proven challenging to reverse engineer. We’ve figured out a workaround that we hope will be helpful. In the original format, the Microsoft updates have always included the full files to patch, and from there it’s relatively straightforward to work on reversing and diffing through only extracting, without installing the patch. Sometimes the patch...
Blog

Penetration Testing Frequency: How Often Should You Test?

Penetration testing has become an increasingly standard exercise, with organizations using either pen testing services or in-house teams to uncover weaknesses and assess their security posture. Many businesses want to stay proactive about securing their IT environment and find that pen testing helps them stay compliant and prove adherence to regulations or industry best practices. According to the...