Tevora Threat Blog

Filter By

Practice Makes Perfect: Testing Critical Applications with Adversary Simulation
Read More
Targeting MSOL Accounts to Compromise Internal Networks
Read More
Adversary Simulation with Voice Cloning in Real Time, Part 1
Read More
Adversary Simulation with Voice Cloning in Real Time, Part 2
Read More
SQLmap; Customizing tools to get the job done

Often we run into a false-positive SQLi (SQL injection) using SQLmap. Even then, our team will attempt to dig deeper and sometimes we hit roadblocks. By working on client’s project and faced the exact challenge. After careful enumeration and testing, an entry point was found that was vulnerable to SQLi.

Read More
Implementing Dynamic Invocation in C#

Introduction to payload development, following up on concepts in basic C# payload development.

Read More
Certified Pre-Owned ADCS and PetitPotam: Executing the Full Attack Chain with Windows and Linux

This blog provides a tutorial on executing a full attack chain from both Linux and Windows machines of Will Schroeders AD Certificate Services research

Read More
Malicious Cryptomining & Other Shifting Threats

Tevora Talks dForce $25 Million Crypto Hack, Blockchain, Blackmarket and security with Kevin Soltani

Watch Video
PsyOps: Deep Dive into Social Engineering Attacks

Social engineering campaigns continue to be one of the primary methods that adversaries use to gain an initial foothold in an organization. Red teams and Advanced Persistent Threat (APT) groups often times use phishing techniques and pretexted phone calls to coerce users to either disclose sensitive information or execute malicious…

Read More