Creating a Malicious Azure AD OAuth2 Application

October 12, 2021
THIS POST WAS WRITTEN BY @NYXGEEK. I decided to write this blog because I’ve seen a lot of articles mentioning that attackers will use a malicious OAuth web app with Azure AD, but I hadn’t actually seen much in the way of good examples of doing so. I’m sure I will find a dozen fantastic examples...

Persistence Through Service Workers—Part 2: C2 Setup and Use

October 7, 2021
In Part 1 of this 2-part blog, we provided an overview of service workers and created an appropriate target application to exploit using Shadow Workers. In this blog post we’ll build our C2 server in Digital Ocean and use Shadow Workers to exploit the target application. It is highly recommended to read Part 1 prior...

Persistence Through Service Workers—Part 1: Introduction and Target Application Setup

October 5, 2021
During a recent discussion about achieving persistence on a web server, someone suggested that I explore using browser service workers. As I began reading about what service workers do, the possibilities for Red Team applications seemed intriguing. But first, I had to find out…what exactly is a service worker? In their efforts to make web...

They’re Watching You! Protecting Yourself From Hidden Cameras

September 30, 2021
Hidden cameras, spy cameras, nanny cams—whatever you call them, you are under surveillance much more than you may realize. While outdoor perimeter cameras and doorbell cameras are commonplace and have been used for quite some time to monitor property, other nefarious hidden cameras are popping up all over the place. Generally, any camera placed inside...

Supply Chain Woes – Attacks and Issues in IT Infrastructure: What Can We Do?

September 21, 2021
All businesses operate on the principle that a certain level of trust is necessary between the business itself and the IT components that comprise its supporting infrastructure. These components include hardware and software, as well as the vendors who provide services to the infrastructure. Securing a business supply chain is a big challenge, not only...

Why your threat hunting program building shouldn’t stop once the engagement is over

September 14, 2021
Let’s see, it looks like your organization just met an annual Threat Hunting assessment compliance requirement or achieved the introductory objective of experiencing a formal Threat Hunting assessment. Well done! Now, what should the organization take into consideration after successfully completing the assessment? Once a third-party Threat Hunting assessment concludes, many organizations may feel overwhelmed...