Skip to content

Red Teaming

Attack & Defend LLMNR: A Widespread Shadow Network Discovery Protocol

Link-Local Multicast Name Resolution (LLMNR), a seemingly important protocol in Windows environments, can be a silent accomplice for cyber adversaries seeking to exploit network vulnerabilities. Let us understand the technical intricacies of LLMNR and unravel how it can be exploited for reconnaissance purposes, examining each step from a Red Teamer’s perspective. Understanding LLMNR LLMNR is… Read More »Attack & Defend LLMNR: A Widespread Shadow Network Discovery Protocol

Unveiling SSL / TLS Vulnerabilities: A Red Teamer's Guide to Exploiting Weaknesses with SSLScan and TestSSL

Unveiling SSL/TLS Vulnerabilities: A Red Teamer’s Guide To Exploiting Weaknesses With SSLScan And TestSSL

SSL (Secure Sockets Layer) and its successor TLS (Transport Layer Security) are cryptographic protocols that ensure secure communication over the internet. They provide data encryption, authentication, and integrity verification to protect sensitive information transmitted between a user’s web browser and a website, or between servers. This security is crucial for online transactions, sensitive data exchange,… Read More »Unveiling SSL/TLS Vulnerabilities: A Red Teamer’s Guide To Exploiting Weaknesses With SSLScan And TestSSL

How do attackers utilize .git

How Do Attackers Utilize .git For Fun And Profit?

Security teams are busy fixing CVEs, SQLi, and other critical vulnerabilities. However, exposing .git can potentially leak credentials, source code and other sensitive information. In this blog, we will uncover the dangers of hidden exposed .git, and how to identify and mitigate the relevant risk. Introduction In the realm of software development, Git stands as… Read More »How Do Attackers Utilize .git For Fun And Profit?

Gartner HypeCycle Graph for Endpoint Security - FireCompass

FireCompass Named A Sample Vendor In Gartner® Hype Cycle for Security Operations, 2022

Can your security team confidently answer the following questions? Which vulnerabilities have the greatest chance of being exploited by an adversary? What are your action points to identify the unknown risks and vulnerabilities in our environment? Which infrastructure changes or digital transformation initiatives in the last 7 days have altered your threat landscape or security… Read More »FireCompass Named A Sample Vendor In Gartner® Hype Cycle for Security Operations, 2022