TrustedSec

<p>NTDS.dit is the file housing the data for Windows Active Directory (AD). In this blog post, I’ll be diving into how the file is organized. I’ll also be walking through the new open-source tool DIT Explorer I developed…</p>

<p>Are you interested in incorporating Large Language Models (LLMs) into app tests yet lack the tooling to get you there? This blog walks through how to start using effective LLM attacks today.</p>

<p>1.1      IntroductionIn this blog, I will explore Retrieval-Augmented Generation (RAG) and how it can be applied to research capabilities. RAG is a framework that integrates retrieval-based models with generative AI to…</p>

<p>The Payment Card Industry Security Standards Council (PCI SSC) just announced a change to Self Assessment Questionnaire A (SAQ A). The change eliminates two (2) requirements relevant to eCommerce sites, 6.4.3 and…</p>

<p>IntroductionEvery once in a while, I get the urge to go back and revisit older techniques that used to be popular but have fallen out of favor with the offensive community. Things like Office Macros, PowerShell, and…</p>

<p>My typical engagements are mostly Red Teams, so I do not often get a chance to play with terminal server application breakouts—but on a recent engagement, I did. For me, it was a great refresher on typical things to do…</p>

<p>Not another password change! Isn’t one (1) extra-long password enough? As a former Incident Response, Identity and Access Control, and Education and Awareness guru, I can attest that password security and complexity…</p>

<p>We're back with another post about common malware techniques. This time, we are talking about using shared memory sections to inject and execute code in a remote process. This method of process injection uses Windows…</p>

<p>At TrustedSec, we are all about leveraging our collective intelligence and knowledge to uplift the cybersecurity community. One of our most popular educational outlets is The Security Blog, where our experts divulge…</p>

<p>From the team that brought you COFF Loader, CS-Situational-Awareness-BOF, CS-Remote-OPs-BOF, and numerous blogs on BOFs, we are excited to release our first on-demand class: Building BOFs. TrustedSec has had private…</p>

<p>Like most red teamers, I spend quite a lot of time looking for novel vulnerabilities that could be used for initial access or lateral movement. Recently, my focus has been on deserialization vulnerabilities in .NET…</p>

<p>If you've done any network scanning or application testing, you've run into your fair share of HTTP response codes. If not, these codes will show up in most network tools and vulnerability scanners, everything from…</p>

<p>JSON Web Tokens (JWTs) are a widely used format for applications and APIs to pass authorization information. These tokens often use a JSON Web Signature (JWS) to verify that the data within the payload has not been…</p>

<p>Update November 12, 2024 - This vulnerability has been patched. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49019This post was originally published on October 8, 2024. TL;DR - Using built-in default…</p>

<p>On a recent red team engagement, I was able to compromise the Jenkins admin user via retrieving the necessary components and decrypting credentials.xml. From here, I wanted to investigate Groovy, as it’s something I’ve…</p>

<p>Earlier this year, I gave a talk at Steelcon on .NET deserialization and how it can be used for Red Team ops. That talk focused on the theory of .NET deserialization, how to identify new vulnerabilities, and some…</p>

<p>Previously on Let's Clone a Cloner, I needed a long-range RFID badge cloner. There are many walkthroughs out there on how to build a cloner that are fantastic, innovative builds, but I wanted one that meets all of my…</p>

<p>IntroductionYet another user-enumeration method has been identified in Azure. While Microsoft may have disabled Basic Authentication some time ago, we can still abuse it to identify valid users with a classic…</p>

<p>Recap of Part&nbsp;1This is the second of a two-part series on Data Classification. The first part spoke to the fact that most security programs grow organically and in the wake of the growth of the business. This…</p>

<p>"It is a capital mistake to theorize before one has data. Insensibly one begins to twist facts to suit theories, instead of theories to suit facts."-Sir Arthur Conan Doyle, Sherlock Holmes, 18911.1     …</p>