Hot Topics

Hacking

Badge Life: The CISO Team Takes on DEF CON

Badge Life: The CISO Team Takes on DEF CON

| | Blog Posts, conference, Cybersecurity, DEF CON, Hacking, pen testing, Photoblog
The CISO Global Pen Testing Team Earlier this month, a group of our intrepid pen testers from our Readiness & Resilience team at CISO Global ventured into the heart of the hacking ...
CISO Global
Teach a Man to Phish

Teach a Man to Phish

| | Hacking, Penetration Testing, Phishing, Red Team, social engineering
PHISHING SCHOOLA Decade of Distilled Phishing WisdomI decided to give away all of my phishing secrets for free. I realized at some point that I have been giving away phishing secrets for years, ...
Posts By SpecterOps Team Members - Medium
The War for Control of DNS Encryption | Paul Vixie | WWHF Deadwood 2020 Virtual

Sleeping With the Phishes

| | Hacking, Penetration Testing, Phishing, Red Team, social engineering
PHISHING SCHOOLHiding C2 With Stealthy Callback ChannelsWrite a custom command and control (C2) implant — Check ✅Test it on your system — Check ✅Test it in a lab against your client’s endpoint detection and response (EDR) product — Check ✅Convince a target ...
Posts By SpecterOps Team Members - Medium
U.S Senate Hearing :The Cyber Safety Review Board - Testimony from Tarah Wheeler

On the Cyber Safety Review Board

| | Computer security, Cybersecurity, Hacking, Uncategorized
When an airplane crashes, impartial investigatory bodies leap into action, empowered by law to unearth what happened and why. But there is no such empowered and impartial body to investigate CrowdStrike’s faulty ...
Schneier on Security
DEF CON 30 - Nick Powers, Steven Flores – ClickOnce AbUse for Trusted Code Execution

Deep Sea Phishing Pt. 2

| | Hacking, Penetration Testing, Phishing, Red Team, social engineering
PHISHING SCHOOLMaking Your Malware Look Legit to Bypasses EDRI wanted to write this blog about several good techniques for endpoint detection and response (EDR) evasion; however, as I was writing about how to ...
Posts By SpecterOps Team Members - Medium
Deep Sea Phishing Pt. 1

Deep Sea Phishing Pt. 1

| | Hacking, Penetration Testing, Phishing, Red Team, social engineering
PHISHING SCHOOLHow to Bypass EDR With Custom PayloadsIf endpoint detection and response (EDR) protections keep blocking your phishing payloads, you really should learn how to write custom payloads. If you’ve never written a ...
Posts By SpecterOps Team Members - Medium
Phish Out of Water

Phish Out of Water

| | Hacking, Penetration Testing, Phishing, Red Team, social engineering
PHISHING SCHOOLBypassing Web Proxies so Your Phish Don’t SuffocateYou just fought long and hard to convince a user to click on your link. They are dying to know about the contents of ...
Posts By SpecterOps Team Members - Medium

Hacking Scientific Citations

| | academic, Fraud, Hacking, Uncategorized
Some scholars are inflating their reference counts by sneaking them into metadata: Citations of scientific work abide by a standardized referencing system: Each reference explicitly mentions at least the title, authors’ names, ...
Schneier on Security
Drink Like a Phish

Drink Like a Phish

| | Hacking, Penetration Testing, Phishing, Red Team, social engineering
PHISHING SCHOOLHow to Make Your Phishing Sites Blend InAs you read this, bots are coming to find and destroy your phishing sites. You need to protect them before it’s too late! But how?A phishing ...
Posts By SpecterOps Team Members - Medium
Like Shooting Phish in a Barrel

Like Shooting Phish in a Barrel

| | Hacking, Penetration Testing, Phishing, Red Team, social engineering
PHISHING SCHOOLBypassing Link CrawlersYou’ve just convinced a target user to click your link. In doing so, you have achieved the critical step in social engineering:Convincing someone to let you in the door!Now, we just ...
Posts By SpecterOps Team Members - Medium
Load more

Application Security Check Up