Skip to content

Red Teaming

What are the SEBI guidelines on Red Teaming & Continuous Automated Red Teaming (CART)?

What are the SEBI guidelines on Red Teaming & Continuous Automated Red Teaming (CART)?

Table of Contents Overview of SEBI Guidelines on Red Teaming Definition of Red Teaming Exercises Reporting Cybersecurity Incidents Incident Response Management Plan Cyber Crisis Management Plan (CCMP) Role of Security Operations Centers (SOCs) Compliance Timeline for Regulated Entities Preparing for SEBI Compliance Conclusion Overview of SEBI Guidelines on Red Teaming The Securities and Exchange Board… Read More »What are the SEBI guidelines on Red Teaming & Continuous Automated Red Teaming (CART)?

Attack & Defend LLMNR: A Widespread Shadow Network Discovery Protocol

Link-Local Multicast Name Resolution (LLMNR), a seemingly important protocol in Windows environments, can be a silent accomplice for cyber adversaries seeking to exploit network vulnerabilities. Let us understand the technical intricacies of LLMNR and unravel how it can be exploited for reconnaissance purposes, examining each step from a Red Teamer’s perspective. Understanding LLMNR LLMNR is… Read More »Attack & Defend LLMNR: A Widespread Shadow Network Discovery Protocol

Unveiling SSL / TLS Vulnerabilities: A Red Teamer's Guide to Exploiting Weaknesses with SSLScan and TestSSL

Unveiling SSL/TLS Vulnerabilities: A Red Teamer’s Guide To Exploiting Weaknesses With SSLScan And TestSSL

SSL (Secure Sockets Layer) and its successor TLS (Transport Layer Security) are cryptographic protocols that ensure secure communication over the internet. They provide data encryption, authentication, and integrity verification to protect sensitive information transmitted between a user’s web browser and a website, or between servers. This security is crucial for online transactions, sensitive data exchange,… Read More »Unveiling SSL/TLS Vulnerabilities: A Red Teamer’s Guide To Exploiting Weaknesses With SSLScan And TestSSL

How do attackers utilize .git

How Do Attackers Utilize .git For Fun And Profit?

Security teams are busy fixing CVEs, SQLi, and other critical vulnerabilities. However, exposing .git can potentially leak credentials, source code and other sensitive information. In this blog, we will uncover the dangers of hidden exposed .git, and how to identify and mitigate the relevant risk. Introduction In the realm of software development, Git stands as… Read More »How Do Attackers Utilize .git For Fun And Profit?