Blog

Resource-Based Constrained Delegation (RBCD) Attack

Resource-Based Constrained Delegation (RBCD) is a feature introduced in Windows Server 2012 that allows administrators to configure which accounts are trusted to delegate on their

July 15, 2023

AS-REP Roasting

‍Kerberos is a network authentication protocol used to provide secure authentication over a non-secure network. While it is an essential component of network security, it

July 15, 2023

Fox in a red hoodie overlooking city lights and rack servers — visual metaphor for Active Directory Certificate Services threat analysis and defensive research.

Exploiting Active Directory Certificate Services (AD CS)

With the increasing use of digital certificates for encryption, authentication, and other security purposes, Active Directory Certificate Services (AD CS) has become a critical component

July 13, 2023

Fox in a red hoodie at a multi-monitor workstation overlooking a cityscape — symbolic image for Android penetration testing and mobile security research.

A Comprehensive Guide to Android Penetration Testing

Android penetration testing is a crucial aspect of ensuring the security of mobile applications. With the increasing popularity of Android devices and the widespread use

July 13, 2023

Fox in a red hoodie surrounded by glowing servers and monitors, symbolizing strategic and goal-oriented penetration testing.

What is Objective-Based Penetration Testing?

In today’s digital landscape, where cyber threats loom large, organizations increasingly recognize the importance of robust cybersecurity measures. As cyber-attacks continue to rise in frequency

July 11, 2023

Fox in a red hoodie overlooking a futuristic city skyline filled with data servers — symbolizing the contrast between penetration testing and bug bounty methodologies.

Pen testing vs Bug Bounty

Penetration testing (pen testing) and bug bounty programs are two popular methods of ensuring the security of the digital assets of a business. While both

July 10, 2023

Fox in a red hoodie working at multiple glowing monitors surrounded by servers — symbolizing securing and monitoring Active Directory environments.

Maximizing Active Directory Security: Tips and Best Practices

Active Directory (AD) is integral to many organizations’ IT infrastructures, serving as the repository of user identities, computer accounts, and network resources. However, due to

July 8, 2023

How OSINT Can Revolutionize Your Information Gathering

OSINT, also known as Open Source Intelligence, plays a pivotal role in this process by gathering and analyzing publicly accessible information from diverse sources. Unlike

July 7, 2023

Mastering Scoping: The Key to Effective Penetration Testing

As cyber security threats have continuously evolved, penetration testing has become essential to an organization’s security strategy. Penetration tests allow us to detect weaknesses in

July 6, 2023

Cost-Effective Penetration Testing

Today’s digital landscape, with its increasingly sophisticated cyber threats, necessitates organizations to prioritize the security of their networks and applications. One highly effective method to

July 4, 2023

Exploiting Excessive Container Capabilities

In this blog post, we will explore the concept of container capabilities in Docker and delve into the potential risks associated with excessive privileges. We’ll

July 1, 2023

Understanding False Positives in Penetration Testing

False positives in penetration testing, also known as pen testing, are a crucial component of cybersecurity. Penetration testing, also known as pen testing, is a

June 29, 2023