Red Team Engagement Guide: How an Organization Should React

December 5, 2019

A lengthy Red Team engagement is coming. What should the defense do if they catch the offense? Reimage systems? Notify and allow? What is the course of action that allows the engagement to proceed and deliver maximum value to the organization? These can be difficult questions to answer, but ones that companies procuring these tests…


Discovering the Anti-Virus Signature and Bypassing It

October 24, 2019

In this post, I am going to go over how to find the specific Anti-Virus signature using manual testing and then show techniques that can be used to bypass them. I am a big fan of LOLBins so we are going to focus on the binary Regsvr32, which is a known binary that can be…

Discovering Oracle blog graphic

W32.Coozie: Discovering Oracle CVE-2018-3253

October 17, 2018

NOTE: On October 17th, 2018 Oracle released a patch for this vulnerability as several others: There are times when finding a 0day in a major-branded product like Oracle takes months of research, and there are times when it just jumps off the screen and you think to yourself, ‘There’s no possible way that is…

digital and realistic sword graphic

From Scans to Adversary Emulation, Pentesting is Evolving Rapidly

June 14, 2018

Traditional pentesting is evolving as many companies are rapidly maturing their information security programs. Additionally, improvements in operating system hardening, endpoint protection agents, and security appliances are raising the bar for successful compromise and lateral movement. If you talk with pentesters across the industry, you will hear more and more positive stories about client security…

juxtaposition of locks and lines of code

Penetration Testing has gotten tougher – and why that increases your risk

June 4, 2018

There’s been a radical shift in the assessment industry over the last couple of years. We’ve all probably heard that Artificial Intelligence, Machine Learning, User and Entity Behavioral Analysis, Analytics, Detection and Response tools, etc., are advancing and improving defensive postures.  According to Gartner, annual spending on defensive security technology will exceed $82 Billion dollars…

Going Purple white paper iPad mockup

White Paper: Why Penetration Testing Needs Continual Evolution – Going Purple

August 1, 2017

Download TrustedSec’s white paper: White Paper: Why Penetration Testing Needs Continual Evolution – Going Purple In this white paper you’ll find information detailing the needed changes to typical types of penetration testing. Download now

  • Browse by Category

  • Clear Form