Technical Resources

Technical

Latest Technical Resources

Leveraging hijacked Slack sessions on macOS
Jan 07, 2021 Nicholas Anastasi

Leveraging hijacked Slack sessions on macOS

We are going to dig into Slack workspace compromise to provide additional information and tooling you can use to leverage access. This guidance will build off of “Abusing Slack for Offensive Operations”, a great article Cody Thomas wrote for the SpectrOps blog.
Pro tips for purchasing and aging phishing domains
Nov 12, 2020 Nicholas Anastasi

Pro tips for purchasing and aging phishing domains

Good command-and-control infrastructure requires a known, trusted domain. When you’re first starting out, this can be difficult to find, but luckily other testers have provided many great resources.
Discovering Active Directory Controllers in your Client Network
Oct 30, 2020 Nicholas Anastasi

Discovering Active Directory Controllers in your Client Network

After initially accessing an internal network during a penetration test, you need to find out what the Active Directory (AD) infrastructure looks like. Here, we’re going to examine methods for this process from both Windows and Linux, so you have an approach in your back pocket that fits your needs.
How to defend against password spraying
Oct 21, 2020 Nicholas Anastasi

How to defend against password spraying

Given how often we see this tactic used, we’re going to break down the basics. We want to help you understand how password spraying works, along with some effective steps you can take to prevent it from being used against your organization. What is password spraying?
How to exploit Zerologon (CVE-2020-1472)
Sep 18, 2020 Nicholas Anastasi

How to exploit Zerologon (CVE-2020-1472)

Recently, one of the most significant Microsoft Windows vulnerabilities since Eternal Blue (MS17-010) was brought to light. We’re going to show you how to exploit it during a pentest.
Passive Internal Recon in Continuous Pentesting
Sep 14, 2020 Nicholas Anastasi

Passive Internal Recon in Continuous Pentesting

When we launch continuous penetration testing in a new network, we don't want to raise suspicion of our presence. For one reason, we may be able to get credentials without doing anything intrusive at all. To do it, we use packet captures and some external tooling. Below, we’ll break down how to do it, along with a few of our favorite...
« 5 6 7 8 9 »