Penetration Testing
![Misconfiguration Manager: Overlooked and Overprivileged- Duane Michael & Chris Thompson[SO-CON 2024]](https://securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
Life at SpecterOps: The Red Team Dream
TL;DRWe are hiring consultants at various levels. The job posting can be found under the Consultant opening here: https://specterops.io/careers/#careersIntroductionHey there! I’m Duane Michael, a Managing Consultant and red teamer at SpecterOps. Over ...
Teach a Man to Phish
PHISHING SCHOOLA Decade of Distilled Phishing WisdomI decided to give away all of my phishing secrets for free. I realized at some point that I have been giving away phishing secrets for years, ...
Web Application Penetration Testing: Steps & Test Cases
How secure are your web applications, really? Consider the risk of a malicious actor exploiting hidden vulnerabilities before you have the chance to address them. Web Application Penetration Testing is... The post ...
Strobes Integrates with Azure Repos: Enhancing Code Security
As software development reaches new heights, ensuring the security and management of your code is more crucial than ever. Seeing the need of the hour, Strobes CTEM is now integrated... The post ...
Sleeping With the Phishes
PHISHING SCHOOLHiding C2 With Stealthy Callback ChannelsWrite a custom command and control (C2) implant — Check ✅Test it on your system — Check ✅Test it in a lab against your client’s endpoint detection and response (EDR) product — Check ✅Convince a target ...
Securing from Active Directory Attacks
Active Directory (AD) lies at the heart of your organization’s Windows network, silently orchestrating user access, authentication, and security. But do you truly understand its workings? This blog peels back... The post ...
Deep Sea Phishing Pt. 2
PHISHING SCHOOLMaking Your Malware Look Legit to Bypasses EDRI wanted to write this blog about several good techniques for endpoint detection and response (EDR) evasion; however, as I was writing about how to ...
Deepfakes, AI, and the Future of Cybersecurity: Insights from Dan DeCloss of PlexTrac
In this episode, host Tom Eston welcomes Dan DeCloss, founder and CTO of PlexTrac. They exchange insights about their history at Veracode and explore Dan’s journey in cybersecurity. Dan shares his experience ...
Deep Sea Phishing Pt. 1
PHISHING SCHOOLHow to Bypass EDR With Custom PayloadsIf endpoint detection and response (EDR) protections keep blocking your phishing payloads, you really should learn how to write custom payloads. If you’ve never written a ...
How Much Does Penetration Testing Cost?
Curious about how much penetration testing costs? You understand its importance, but budgeting for different pentests can be a challenge. This blog post will guide you through the intricacies of... The post ...
