by Zach Hill | Jan 28, 2023 | Help, Penetration Testing, Security
One of the most underrated resources in your toolkit as an I.T. Professional is your ability to take notes. Ironically, this is also one of the least mentioned skills discussed when learning the fundamentals of anything new. We often get asked a variety of questions...
by Alex Olsen | Jan 27, 2023 | Help, Learning, Linux, Penetration Testing, Security
Target enumerated, check. Vulnerability identified, check. Tested payload delivery, check. RCE verified, check. Reverse shell…nope. Today we are going to look at some practical ways to troubleshoot your reverse shell. Some of these points come from logical...
by Steven Amador | Jan 24, 2023 | Penetration Testing
The year 2022 has wrapped up and I find it helpful to share some of the most common findings I have encountered throughout the year. Some of these may not be surprising as they are covered in almost every cybersecurity awareness training course there is. However, it...
by Alex Olsen | Jan 17, 2023 | Penetration Testing, Security
Prototype pollution allows an attacker to modify the prototype of an object. This means we can potentially assign new properties or methods to an object. Furthermore, we may be able to overwrite existing properties. If you’re unfamiliar with prototypes and...
by Zach Hill | Jan 13, 2023 | Help, Penetration Testing, Security
As with any industry, with jargon comes confusion and misunderstanding. 2022 saw a huge rise in the popularity of the buzz-word “Red Team”, but what is the essence of a Red Team? Popular opinion on social media may say “it’s a pentest with no scope,” but that’s a...
by Joe Helle | Jan 11, 2023 | Penetration Testing
Insecure VNC Server Leads to Unlocked LastPass Vault and Domain Admin Credentials When it comes to finding different vulnerabilities or bugs, everyone has that one finding they will talk about years from now, and the first one I want to share today is mine. While...