Red Teaming

Attack & Defend LLMNR: A Widespread Shadow Network Discovery Protocol

November 24, 2023January 10, 2024

Link-Local Multicast Name Resolution (LLMNR), a seemingly important protocol in Windows environments, can be a silent accomplice for cyber adversaries seeking to exploit network vulnerabilities. Let us understand the technical intricacies of LLMNR and unravel how it can be exploited for reconnaissance purposes, examining each step from a Red Teamer’s… Read More »Attack & Defend LLMNR: A Widespread Shadow Network Discovery Protocol

Unveiling SSL/TLS Vulnerabilities: A Red Teamer’s Guide To Exploiting Weaknesses With SSLScan And TestSSL

November 23, 2023November 27, 2023

SSL (Secure Sockets Layer) and its successor TLS (Transport Layer Security) are cryptographic protocols that ensure secure communication over the internet. They provide data encryption, authentication, and integrity verification to protect sensitive information transmitted between a user’s web browser and a website, or between servers. This security is crucial for… Read More »Unveiling SSL/TLS Vulnerabilities: A Red Teamer’s Guide To Exploiting Weaknesses With SSLScan And TestSSL

How Do Attackers Utilize .git For Fun And Profit?

November 17, 2023January 10, 2024

Security teams are busy fixing CVEs, SQLi, and other critical vulnerabilities. However, exposing .git can potentially leak credentials, source code and other sensitive information. In this blog, we will uncover the dangers of hidden exposed .git, and how to identify and mitigate the relevant risk. Introduction In the realm of… Read More »How Do Attackers Utilize .git For Fun And Profit?

Gartner HypeCycle Graph for Endpoint Security - FireCompass

FireCompass Named A Sample Vendor In Gartner® Hype Cycle for Security Operations, 2022

August 25, 2022March 27, 2024

Can your security team confidently answer the following questions? Which vulnerabilities have the greatest chance of being exploited by an adversary? What are your action points to identify the unknown risks and vulnerabilities in our environment? Which infrastructure changes or digital transformation initiatives in the last 7 days have altered… Read More »FireCompass Named A Sample Vendor In Gartner® Hype Cycle for Security Operations, 2022

How Do You Know If Your Organization Is Ready For A Red Team Assessment?

January 15, 2021March 16, 2023

In this article, we will find out if you as an organization are ready for an assessment. While most organizations today have gone through some of the other forms of assessment, it is important to know if you as an organization are at the stage of exploring red teaming. Before… Read More »How Do You Know If Your Organization Is Ready For A Red Team Assessment?