Author

Casey Cammilleri

Explore the author's collection.

Resources by Casey Cammilleri

How To Securely Share Your Backups and Passwords Upon your Death

A tutorial on how to build a secure, distributed, and multiple authorization backup method to recovery your digital life.

Read more

Users are a top threat to your network – and here’s why bug bounties won’t help

Bug-bounty programs live and die by their ability to target public-facing assets and then expose related vulnerabilities. But one asset is out of their reach, and it’s arguably the most dangerous to your network. read more →

Preventing Social Engineering Breaches

It’s pretty common for companies to bundle social engineering into their penetration testing programs. But when the report shows up, you may find you’re surprised and frustrated at the rate of employees clicking links… read more →

Credential Stuffing: 5 basics you need to understand

It’s tempting to re-use the same password for multiple online accounts. Many of us have done it (it’s OK; this is a safe space). Convenient as it seems, this action puts you at high risk to get hacked via credential… read more →

12 Ways You'll Benefit from Continuous Penetration Testing

You need more value out of your pentests. The traditional point-in-time testing isn't cutting it. Continuous penetration testing brings an innovative methodology that better protects you and your business. This post… read more →

Penetration Testing Dropbox Part 3 - Provisioning

This is part 3 in a series about managing dropboxes for internal penetration testing. This part is all about provisioning a dropbox to be used with our OpenVPN server that we setup in [part… read more →

Penetration Testing Dropbox Part 2 - VPN Infrastructure

In part 2 we go beyond autossh and create a OpenVPN server that our dropboxes and pentesters will connect to. We'll walk through configurations and certificates needed for seamless connectivity. read more →

Penetration Testing Dropbox Part 1 - Hardware

Setup and managing a pentest dropbox infrastructure should be simple, reliable, and versatile. In part 1 we'll show you the hardware options, and in part 2 we'll go beyond autossh and create a OpenVPN environment that… read more →

Getting started with MITRE CALDERA

The MITRE CALDERA project is an automated adversary emulation system. It's primary purpose is to execute a series of operations to help determine if adversarial tactics can be detected in your enterprise environment. read more →

Autored - Using Terraform to Quickly Launch Empire

This is the start of a series I'm calling Autored. My goal is to quickly stand up temporary systems I commonly use during an engagement. In this post I'll cover how to deploy an Empire server in AWS in less than 3… read more →

Protect your company with Sprocket

Know your threats when they emerge.

When your environment changes, or new threats affect your attack surface, we perform security testing. There is a lot more value from this modern approach to testing.

Request a quote Learn how it works

Continuous Penetration Testing Subscription

  • Pentests
  • Web App Testing
  • Red Teaming
  • Social Engineering
  • Adversary Simulations