More Options for Response Modification -With ResponseTinker

March 25, 2021

As the web application footprint migrates client-side, tools to thoroughly analyze and test client behavior are becoming increasingly important. Burp Suite has made some great strides in this direction with their browser-based enhancements to crawling and scanning, but when it comes time to really dig into the particulars for research, we are still very much…

Read

Front, Validate, and Redirect

February 16, 2021

In the age of threat hunting, automated mass scanning, and the occasionally curious SOC, properly securing your command and control (C2) infrastructure is key to any engagement. While many setups today include a CDN Domain Front with a custom Nginx or Apache ruleset sprinkled on top, I wanted to share my recipe for success. Fully…

Read

Tailoring Cobalt Strike on Target

January 28, 2021

We’ve all been there: you’ve completed your initial recon, sent in your emails to gather those leaked HTTP headers, spent an age configuring your malleable profile to be just right, set up your CDNs, and spun up your redirectors. Then it’s time, you send in your email aaaaaand…nothing. You can see from your DNS diagnostic…

Read

What Spring Data can teach us about API misconfiguration

January 22, 2021

A security researcher (Joel Noguera @niemand_sec) discovered a ‘critical’ misconfiguration bug in Spring Data’s Application Level Profile Semantics (ALPS). This bug allows unauthenticated users to perform an Application Programming Interface (API) request, which responds with sensitive user data that can be utilized, manipulated, or even deleted. What is ALPS? “ALPS [is] a data format for defining…

Read

Get to Hacking MASSively Faster – The Release of SpooNMAP

January 19, 2021

I’m sure everyone is already using Masscan and I’m the last one to jump on the bandwagon. Honestly, I don’t know how I got anything done before finding this tool. If you’re not aware, Masscan is an asynchronous, TCP network port scanner. It’s an incredibly fast tool that can be used to quickly identify live…

Read

SolarWinds Backdoor (Sunburst) Incident Response Playbook

December 17, 2020

Over the last several days, TrustedSec has received queries on the best ways to contain, eradicate, and remediate the SolarWinds backdoor (aka #solarigate aka Sunburst). The TrustedSec Incident Response team has put together a playbook of recommended actions to provide some level of assurance that your organization is no longer affected by the backdoor. This…

Read

4 Free Easy Wins That Make Red Teams Harder

December 10, 2020

In this post, I will cover some easy things that defenders can do to make it harder for attackers to succeed. As you all know, there is never a silver bullet when it comes to security, so these tips will only make it harder for attackers by focusing on the basics, and sometimes, that helps…

Read

An Update On Non-Aggressive Reporting

November 19, 2020

Reporting is an essential piece of the penetration testing puzzle. It’s the product your client will be reviewing within their organization, representing you and your company to those you may not have worked with directly. With that in mind, it’s important that your product, the report, strikes a balance between professional tone and cold facts….

Read

The Tale of the Lost, but not Forgotten, Undocumented NetSync: Part 1

October 27, 2020

They say, “Everything old is new again.” Or, if you are a Game of Thrones fan, “What is dead may never die.” For me, however, a mentor once told me, “Everyone is going forward. I’m going backward.” Enter NetSync… I find Twitter to be a good source for InfoSec tactics, techniques, and procedures (TTPs). Anytime…

Read

The Tale of the Lost, but not Forgotten, Undocumented NetSync: Part 2

October 27, 2020

This is a continuation of The Tale of the Lost, but not Forgotten, Undocumented NetSync (part 1) and in this section, we will look to answer: What are Some Early Indicators to Detect NetSync at the Host-based Level? What are Some Possible Controls to Deter NetSync? In an accompanying blog post, Are You Seeing What…

Read
  • Browse by Category

  • Clear Form