Our Blog
Resources and insights
The latest industry news, interviews, technologies, and resources.
How I Almost Got Phished: Advanced Phishing Example
Investigation of a real phishing email that used background and interest targeting and an advanced tactic for bypassing spam filters and appearing legitimate.
OWASP Top 10 Prediction | 2025
In this blog, we will make a prediction about the OWASP Top Ten for 2025 by taking a look at CVE data from 2021 through 2024.
Python vs C# – A Pentester Perspective
Python is arguably the preferred language of the hacking community, but I will explain how learning C# makes you a more versatile and in-demand ethical hacker.
Security Teams Need to Think Like Pentesters
We conduct a wide variety of assessments for a wide range of clients. We provide assessment services for universities, health care companies, law firms, telecommunication providers, and many more. Some of our clients have mature infrastructures, while others are still...
So You Want to Be a Hacker: 2022 Edition
Video Version: https://youtu.be/lhz0-qAQlBM. Introduction: Last year, I posted a blog (https://tcm-sec.com/so-you-want-to-be-a-hacker-2021-edition/) and video (https://www.youtube.com/watch?v=mdsChhW056A) on how to become an ethical hacker in 2021. Given that it...
Bypassing Defender the Easy Way – Fodhelper
If you’ve ever tried to run a command prompt as administrator on your Windows OS before, you’ve seen a harmless popup appear. This is Windows User Account Control, or UAC. According to Microsoft, UAC “is a fundamental component of Microsoft’s overall security vision....
Pentest Tales #002: Digging Deep
Welcome to the second edition of Pentest Tales, a blog series that walks through real-world pentests we’ve performed in the past.
Kerberoasting Domain Accounts
The Gift That Keeps on Giving: Few vulnerabilities in the Windows Active Directory environment have had the long-lasting impact that Service Principal Names (SPN) have. Domain-connected services, such as MSSQL servers, web servers, and more may be connected and issued...
ASREP Roasting & Pre-Authentication in AD Environments
Any Systems Administrator knows that the task of securing an Active Directory environment is a never-ending task. Since the first Windows AD was released with Server 2000, Microsoft has added countless features. Many of these features are created with connectivity in...








