The World’s Foremost Security Experts

When founder David Kennedy created TrustedSec, he set out to change the security industry for the better with the goal of assembling the most technically advanced team of consultants and advisors. With a team handpicked not only for expertise and technical skill, but for ethical character and dedication, TrustedSec is committed to increasing the security posture of organizations around the world.

Senior Technical Experts
Senior Technical Experts
Research-focused
Research-Focused
dedicated & committed team
Dedicated & Committed Team
Executive-level Experience
Dave Kennedy

Research + Red Team + Risk Management: Assessing Evolving Threats

As cyber attackers continually hone and advance their methods, organizations are obligated to respond in kind by evolving their own strategies to keep up. But because organizations do not have endless resources to devote to security (and the focus of their business often lies elsewhere), it can be challenging to have the perspective necessary to stay ahead of potential attacks.
Get Your Copy

Security Resources

Dedicated to creating open source tools and content that help make the world more secure

Blog

SIGINT to Synthesis

June 24, 2019 | By Brian Berg
Read more

News

Hackers Taunt, Threaten People Through Nanny Cams

December 16, 2019
Read more

The TrustedSec Podcast

Citrix Mayhem

January 31, 2020

Welcome to the Trusted Security Podcast – a podcast dedicated to bringing the latest news on information security and the industry. This episode features the following members: Geoff Walton, David Boyd, Alex Hamerstone and Rob Simon.

Play Citrix Mayhem podcast Listen to the Podcast

Citrix Mayhem

January 31, 2020 | Rob Simon, Geoff Walton, David Boyd and Alex Hamerstone

Welcome to the Trusted Security Podcast – a podcast dedicated to bringing the latest news on information security and the industry. This episode features the following members: Geoff Walton, David Boyd, Alex Hamerstone and Rob Simon.

Title: Critical Exposure in Citrix ADC (NetScaler) – Unauthenticated Remote Code Execution

URL: https://www.trustedsec.com/blog/critical-exposure-in-citrix-adc-netscaler-unauthenticated-remote-code-execution/

Author: David Kennedy

 

Title: Microsoft patches Windows 10 after the NSA quietly told it about a major vulnerability

URL: https://www.cnbc.com/2020/01/14/microsoft-to-patch-windows-10-after-nsa-finds-vulnerability.html

Author: Kate Fazzini

URL2: https://news.ycombinator.com/item?id=22048619

Author2: tptacek

URL3: https://curveballtest.com/index.html

Author3: SANS Internet Storm Center

 

Title: Seven Years Later, Scores of EAS Systems Still sit UN-Pached, Vulnerable

URL: https://securityledger.com/2020/01/seven-years-later-scores-of-eas-systems-sit-un-patched-vulnerable/

Author: Paul Roberts

Featured Open Source Projects

The Social-Engineer Toolkit (SET)

SET is a powerful tool for social-engineering.

PenTesters Framework (PTF)

The PenTesters Framework (PTF) is a Python script designed for Debian/Ubuntu/ArchLinux based distributions to create a similar and familiar distribution for Penetration Testing.

Shared Host Integrated Password System (SHIPS)

SHIPS is a local super user or administrator password manager.

TrevorC2

TrevorC2 is a legitimate website that tunnels client/server communications for covert command execution.

UNICORN

UNICORN is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory.

Physical Security Assessment Documentation

This is a collection of legal wording and documentation created to be a template for others to use and to protect themselves when conducting physical security assessments.
See all open source projects