Creating a Malicious Azure AD OAuth2 Application

October 12, 2021

THIS POST WAS WRITTEN BY @NYXGEEK I decided to write this blog because I’ve seen a lot of articles mentioning that attackers will use a malicious OAuth web app with Azure AD, but I hadn’t actually seen much in the way of good examples of doing so. I’m sure I will find a dozen fantastic examples…

Read

Persistence Through Service Workers—Part 2: C2 Setup and Use

October 7, 2021

In Part 1 of this 2-part blog, we provided an overview of service workers and created an appropriate target application to exploit using Shadow Workers. In this blog post we’ll build our C2 server in Digital Ocean and use Shadow Workers to exploit the target application. It is highly recommended to read Part 1 prior…

Read

Persistence Through Service Workers—Part 1: Introduction and Target Application Setup

October 5, 2021

During a recent discussion about achieving persistence on a web server, someone suggested that I explore using browser service workers. As I began reading about what service workers do, the possibilities for Red Team applications seemed intriguing. But first, I had to find out…what exactly is a service worker? In their efforts to make web…

Read

They’re Watching You! Protecting Yourself From Hidden Cameras

September 30, 2021

Hidden cameras, spy cameras, nanny cams—whatever you call them, you are under surveillance much more than you may realize. While outdoor perimeter cameras and doorbell cameras are commonplace and have been used for quite some time to monitor property, other nefarious hidden cameras are popping up all over the place. Generally, any camera placed inside…

Read

Update: The Defensive Security Strategy

September 9, 2021

Original post:  https://www.trustedsec.com/blog/the-defensive-security-strategy-what-strategy/ Massive exposures and attacks, such as recent SolarWinds and Exchange exploit issues, have been common news lately. While the security landscape has advanced and changed, these massive exposures are continuing to occur. The question is why, and how, are they occurring? While common issues are often leveraged, the mentality around them is…

Read
Blog post cover

Obsidian, Taming a Collective Consciousness

September 7, 2021

The Problem On August 05, 2021, a member of the Conti ransomware group leaked some of the group’s internal playbooks and technical documentation. Irrespective of any details surrounding the leak or its contents, the event itself prompted a more widespread examination of how teams’ maintain their operational playbooks and documentation. A tweet by Mubix came…

Read

Introducing iHide – A New Jailbreak Detection Bypass Tool

September 2, 2021

Today, we are releasing iHide, a new tool for bypassing jailbreak detection in iOS applications. You can install iHide by adding the repo https://repo.kc57.com in Cydia or clicking here on an iOS device with Cydia installed. Additionally, you can check out the code and build/install it yourself if you prefer. Once installed, iHide will add…

Read

Oh, Behave! Figuring Out User Behavior

August 19, 2021

One topic that has always been of interest to me is how users actually use their computers. While TrustedSec does have the ability to understand a system when we encounter it, there are still mysteries around normal user behavior. Understanding user behavior becomes even more important when attempting to defeat next generation of EDRs that…

Read

BITS Persistence for Script Kiddies

June 29, 2021

Introduction Using and abusing the BITS service is a lot of fun. I can’t believe Windows just gives away this hacker tool for free. But wait, wait, are you telling me that there’s more? Does it come with a free blender? What else can this service do for me? In the last installment, we covered…

Read

Real or Fake? When Your Fraud Notice Looks Like a Phish

June 3, 2021

So I Received a Phishing Email… I recently received an email indicating my credit card number had potentially been stolen and used for fraud. At this point, I am used to both having my credit card number stolen and receiving messages telling me it’s been stolen when it has not. My attempt to determine whether…

Read
  • Browse by Category

  • Clear Form