New Release: The Social-Engineer Toolkit (SET) v7.2 “Wine and Gold”

June 28, 2016 | By:

Today we release a new version of the Social-Engineer Toolkit (SET) v7.2 codename: “Wine and Gold”. For non-Cavs or non sports ball fans – apologies but couldn’t resist. This version has a number of enhancements and additions and represents over two months worth of development. Based on the show “Mr. Robot” which we think is…


The Social-Engineer Toolkit (SET) v7.1 “Blue Steel” Released

April 25, 2016 | By:

TrustedSec is proud to announce the release of the Social-Engineer Toolkit (SET) v7.1 “Blue Steel”. This release incorporates a lot of new additions, improvements, and bug fixes. The most exciting feature is a large rewrite of the MSSQL Bruter attack vector. Originally this was written using impacket and the TDS module. This has been re-written…


The Hacker Vaccine – 100% Protection Against Hackers

April 01, 2016 | By:

TrustedSec has been working feverishly to understand what true cyber pathogens face corporations around the world. After years of analyzing major sophisticated hackers and their techniques, we have finally developed artificial intelligence aimed at combating the threats of every type of actor in this world. Today we release a new tool that combats the cyber…


SHIPS version 2 Released! (major release)

March 16, 2016 | By:

The Shared Host Integrated Password System (SHIPS) is an open-source solution created by Geoff Walton from TrustedSec to provide unique and rotated local super user or administrator passwords for environments where it is not possible or not appropriate to disable these local accounts. Our goal is to make post exploitation more difficult and provide a…


SET v7.0 “RemembRance” Released!

February 08, 2016 | By:

TrustedSec is proud to announce the release of the major version of the Social-Engineer Toolkit (SET) v7.0 codename “RemembRance”. The codename has a lot of meaning and is in remembering David Jones (Rance) who passed away last month to cancer. Always remember you buddy and the difference you made in all of us! This release…


Vote ISC2 2015 Elections – VOTE TODAY!

November 16, 2015 | By:

This year I decided to run for the ICS2 board of directors because I think I can make changes that are positive for folks that have supported ISC2 in the past. Today opens up the voting, if you have three minutes of your time – I would greatly appreciate a vote! I know your time…


Introducing TAP – An Open-Source Attack Platform

October 28, 2015 | By:

As security assessors, we don’t always have the luxury of being onsite working with our customers all of the time. For that reason, I created the TrustedSec Attack Platform (TAP) device. Basic concept is that you can deploy a box to the customer and have it automatically establish itself back to you in order to…


TS Additions to the Family

October 20, 2015 | By:

When you start a company – the biggest thing is ensuring that you can support a growth model to bring in awesome talent and keep the consistency and quality. When I started TrustedSec several years ago, my mindset was to only grow when we had the right people to grow with. Never to grow because…


New Tool: SprayWMI – Mass WMI Pwnage

October 15, 2015 | By:

Awhile back one of our folks Justin Elze (also wears white socks with business attire, just saying) wrote an amazing blog post around no need for PSEXEC: https://www.trustedsec.com/june-2015/no_psexec_needed/ In the blog post, Justin went through how to leverage wmis and wmic for exploitation methods instead of using PSEXEC. Some of the downfalls is that pass…


DerbyCon CTF Statistics

October 01, 2015 | By:

TrustedSec gathered the following statistics based upon the 2015 DerbyCon CTF from Sept 25-27.  The statistics reveal some interesting points.  For instance the fact that approximately 74% of the teams or accounts that were registered found at least one valid flag.   Some of the other statistics are provided below. Teams/Accounts Registered:  154  (114 or ~74%…