Penetration Testing Vs Red Teaming
Penetration Testing Vs Red Teaming April 27, 2023 Informational Karan Patel It is evident that with the advancement of technology, the risks associated with it have also increased. Cybercriminals are always on the lookout for new ways by which they can exploit the system and gain unauthorized access to sensitive data. Penetration testing and red […]
Azure Privilege Escalation Via Service Principal
Azure Privilege Escalation Via Service Principal April 21, 2023 Active Directory Karan Patel In this blog, we will look at a variation of a real-world attack path to escalate our privileges from a compromised Application Administrator account in Azure to Global admin through a service principal. Before diving into the attack’s details, let us understand […]
Introduction to IoT Security
Introduction to IoT Security April 11, 2023 Hardware Karan Patel What is IoT? The Internet of Things (IoT) is a network of physical devices, vehicles, home appliances, and other objects embedded with sensors, software, and connectivity. It allows them to exchange data and interact over the Internet. Therefore, the basic idea of IoT is to […]
Docker Hardening Best Practices
Docker Hardening Best Practices April 07, 2023 Container Karan Patel Docker has gained immense popularity in recent times due to its containerization capabilities. However, as with any widely used platform, there is an increased risk of security threats. Therefore, taking the necessary measures to secure your Docker environment is imperative. In this regard, here are […]
Attacking Kubernetes (Part 1)
Attacking Kubernetes (Part 1) April 7, 2023 Active Directory Karan Patel Kubernetes 101 Kubernetes, or K8s, is an open-source container orchestration and management platform. Kubernetes provides a way to manage, deploy, and scale containerized applications in a distributed system environment. Google initially developed it, and is now maintained by the Cloud Native Computing Foundation (CNCF). […]