Resources

Core Impact Adds Integrations for Frontline VM and beSECURE
Blog

A Spotlight on Cybersecurity: 2022 Trends and 2023 Predictions

Thu, 12/15/2022
In 2022, geopolitical unrest and an expanding online attack surface contributed to the emergence of several themes across the cyber landscape. Infrastructures associated with opposing ideologies were highly targeted, with government agencies, supply chains, and IOT devices falling victim to high-profile campaigns. Cybercriminals launched increasingly advanced attacks on vulnerable entities, with...
Video

A Spotlight on Cybersecurity: 2022 Trends and 2023 Predictions

Tue, 12/13/2022
After years of growing in importance, cybersecurity took center stage in 2022, with cyberattacks not only continuing to cause global disturbances, but also becoming the focus of legislation, organizational planning, news coverage, and even major plot points on tv. Amidst the flurry of activity, common themes have emerged regarding cyber threats and the way respond to them, including: Increased...
Article

Reversing and Exploiting with Free Tools: Part 15

In part 14, we began discussing how to analyze the difficulty of creating a rop depending on the scenario. In this part, we’ll continue that discussion with a rop that is not as simple as the ones we have seen in previous parts. As we did last time, we’ll start by using radare in visual mode to practice. Reversing with Radare, Exercise 2: 32 Bits As a reminder, the exercises are available here:...
cs-web-asset-thumbnails-guide-white-paper-pdf-download.jpg
Guide

Cybersecurity Trends and Predictions for 2022-2023

It’s no surprise to cybersecurity professionals that threats have continued to ameliorate and outpace attempts to contain them. War, supply chain issues, continued remote work, and other upheaval create opportunities for cyber disruptors. But organizations may be getting better at preparing for and guarding against intrusion. Governments around the globe have begun to appreciate the possibility of...
Active Directory Attack Scenarios Part 3: Deserializing Your Way In
Blog

Active Directory Attack Scenarios Part 3: Deserializing Your Way In

By Fernando Diaz on Tue, 11/08/2022
In this series focusing on Active Directory attacks, we’re running through four different scenarios based on real penetration testing engagements that demonstrate the variety of techniques and tactics that can be used to compromise Active Directory. Part one showed how attackers can gain control using overlooked assets like network connected printers as attack vectors. Part two went over how to go...
Penetration Testing
active directory attack scenarios part 2
Blog

Active Directory Attack Scenarios Part 2: Going Beyond Domain Admin

By Fernando Diaz on Fri, 11/04/2022
In this series focusing on Active Directory attacks, we’re running through four different scenarios based on real penetration testing engagements that demonstrate the variety of techniques and tactics that can be used to compromise Active Directory. In part one, we explored how attackers can take advantage of ignored assets like network connected printers and use them as attack vectors, eventually...
Penetration Testing
Red Team
Organization security
Video

Determining the Best Approach to PAM for You

Tue, 11/01/2022
Privileged Access Management (PAM) tools for IT and network infrastructure have been available for more than thirty years. As these tools have evolved, two methodologies have emerged, both with the goal of regulating and protecting privileged accounts. This webinar will explore the two main approaches to PAM. First, Privileged Account and Session Management (PASM), which is chiefly a password...
PAM
How Offensive Security Enhances Visibility Into Potential Threats
Blog

How Offensive Security Enhances Visibility Into Potential Threats

Tue, 10/18/2022
Prior to launching a targeted attack against an organization, threat actors conduct thorough reconnaissance missions, gathering intelligence on employees, the infrastructure, and more. They want to know every possible inch of the attack surface to find every potential exposure before they make their move, using an array of tools and tactics to exploit vulnerable infrastructure. Cybercrime is...
Penetration Testing
Video

When to Use Pen Testing, Red Teaming, or Both

Thu, 10/06/2022
Penetration testing and Red Teaming are two security assessment tools that have quickly gained traction in recent years, with professionals at all levels eager to jump onto the trend. However, to get real value out of these tools, you must first ensure your security program is mature enough to properly conduct one or both. But how do you figure out whether you’re ready for a pen test, a Red Team...
Penetration Testing
Red Team
Video

Securing Your Amazon Web Infrastructure

Wed, 09/28/2022
Dynamic public cloud environments like Amazon Web Services (AWS) S3 buckets have made development faster than ever. Development teams have access to a highly scalable object storage infrastructure where data is easily managed and retrievable for analysis. As popularity and usage of cloud storage continues to grow, one blind spot among users has emerged: security. Misconfiguration of these...
Security Tips
Blog

Intelligence Gathering - The Foundation of a Good Penetration Test

Fri, 09/23/2022
Penetration testing is more than a bunch of ex-hackers in hoodies attempting to break into an organization that hired them. It is a carefully planned and organized engagement that probes and tests a defined piece of an organization's IT infrastructure for potential flaws. Without good intelligence to work from, testers cannot efficiently conduct their attacks, leaving potentially unidentified gaps...
Penetration Testing
Article

Reversing and Exploiting with Free Tools: Part 14

In part 13, we analyzed and adapted the RESOLVER for 64 bits. In this part, we’ll discuss how to analyze the difficulty of creating a rop depending on the scenario. As we have seen in the previous tutorials, the difficulty of creating a rop can vary depending on the circumstances and characteristics of the vulnerability. The four questions we have previously introduced also helps us discover the...
active-directory-attack-scenarios-part-one-print
Blog

Active Directory Attack Scenarios: The Path from Printer to Domain Admin

By Fernando Diaz on Thu, 09/22/2022
Active Directory is an essential application within an organization, facilitating and centralizing network management through domain, user, and object creation, as well as authentication and authorization of users. Active Directory also serves as a database, storing usernames, passwords, permissions, and more. Active Directory is a perfect example of a technological double-edged sword. While such...
Penetration Testing
Data Security
Blog

Common Security Concerns and How to Reduce Your Risk

Wed, 08/31/2022
What common security risks/entry points are you most concerned about?In our 2024 Pen Testing Survey we asked what common security risks concerned respondents most. While phishing (80%) and ransomware (72%) were the top concerns, other options had a high enough percentage to warrant further discussion. These included: • Misconfiguration• Poor passwords• Lack of patching• Orphaned...
Penetration Testing
Penetration Testing for Regulatory Compliance
Blog

Penetration Testing for Regulatory Compliance

Mon, 08/22/2022
According to the 2023 Pen Testing Report, 93% of cybersecurity professionals reported pen testing was at least somewhat important for their compliance initiatives. Why is pen testing as a key component of compliance initiatives, and what is the best strategy for meeting this requirement?
Penetration Testing
Compliance
Core Impact Adds Integrations for Frontline VM and beSECURE
Blog

4 Steps to Take Following a Pen Test

Wed, 08/03/2022
Congratulations! You’ve just completed a penetration test. So what now? A pen test shouldn’t represent the pinnacle of your security efforts. Rather, the test validates what your organization is doing right and highlights areas for improvement. Even if the test showed that it was possible to gain administrative access and move laterally through your network, this doesn’t mean you have “failed.”...
Penetration Testing
Article

Creating Processes Using System Calls

When we think about EDR or AV evasion, one of the most widespread methods adopted by offensive teams is the use of system calls (syscalls) to carry out specific actions. This technique is so common and effective simply because most AVs/EDR have userland hooks to track and intercept requests userland processes make. However, we found that a key userland API, CreateProcess, is still extensively used...
Typing on computer with security shield
Blog

Going on the Offensive: Federal Agencies Must Move from a Reactive to Proactive Security Approach 

Wed, 07/27/2022
Modern threat actors and the condition of today’s threat landscape are forcing the collective hand of cybersecurity to go on the offensive -- and federal agencies are no exception. As cyber attackers grow increasingly adept at identifying and exploiting infrastructure weaknesses, they will opt for the path of least resistance. Therefore, agencies with a security posture that goes beyond...
Penetration Testing