July 2023

GPO Abuse

July 31, 2023

Group Policy Objects (GPOs) are a powerful tool administrators use to manage and enforce security policies across a domain. However, in the wrong hands, GPOs

A Redfox Cybersecurity blog on C2 Framework.

Introduction to C2 Frameworks

July 27, 2023

Command and Control (C2) frameworks have emerged as a sophisticated and consequential dimension in the ever-evolving cybersecurity landscape. These frameworks are commonly employed by threat

A Redfox Vybersecurity blog on how to misconfiugure ACL configurations.

Abusing ACL Misconfigurations

July 25, 2023

Access Control Lists (ACLs) are a crucial component of securing data and resources in an IT infrastructure. By assigning permissions to users and groups, ACLs

A redfox Cybersecurity blog on Shodan search engine.

Discovering Internet Accessible Devices with Shodan

July 24, 2023

In the vast landscape of the internet, a hidden world of devices is waiting to be discovered. These devices, ranging from servers and routers to

A Redfox Cybersecurity blog on Covenant C2 framework

Power of Covenant C2 Framework

July 22, 2023

In the ever-evolving world of cybersecurity, staying one step ahead of malicious actors is crucial. Command and control (C2) frameworks play a vital role in

A Redfox Cybersecurity blog on DOM-based XSS

DOM-Based Cross-Site Scripting

July 21, 2023

As the digital landscape continues to evolve, so do the threats that target web applications. Cross-site scripting (XSS) remains a persistent and dangerous vulnerability among

A Redfox Cybersecurity blog on CRLF Injection Attacks

Understanding CRLF Injection Attacks

July 19, 2023

In web security, CRLF Injection Attacks remain a potent threat. This blog aims to provide comprehensive insight into this malicious technique, its implications, and the

A Redfox Cybersecurity blog explaining fundamentals of MS SQL Serve

Exploiting MS SQL Servers

July 18, 2023

As companies continue to rely on databases to store sensitive information, securing the data has become a top priority. MS SQL Server is a popular

A redfox Cybersecurity on BloodHound tool

BloodHound Cheat Sheet

July 17, 2023

BloodHound is a powerful security tool that uses graph theory to reveal the relationships between users, groups, and computers in a domain. In this comprehensive

A Redfox Cybersecurity blog explaining Resource-Based Constrained Delegation(RBAC).

Resource-Based Constrained Delegation (RBCD) Attack

July 15, 2023

Resource-Based Constrained Delegation (RBCD) is a feature introduced in Windows Server 2012 that allows administrators to configure which accounts are trusted to delegate on their

AS-REP Roasting

July 15, 2023

‍Kerberos is a network authentication protocol used to provide secure authentication over a non-secure network. While it is an essential component of network security, it

A Redfox Cybersecurity blog on the intricacies of Active Directory Certificate Services(AD CS), its potential risks and attack vectors.

Exploiting Active Directory Certificate Services (AD CS)

July 13, 2023

With the increasing use of digital certificates for encryption, authentication, and other security purposes, Active Directory Certificate Services (AD CS) has become a critical component