Tevora Threat Blog

Filter By

Smoke and Mirrors | Red Teaming with Physical Penetration Testing and Social Engineering

In this post, we will illustrate the roadmap of a physical penetration test and advise how to successfully infiltrate into a corporate environment.

Read More
Scout

Surveillance Detection Scout is a hardware and software stack that makes use of your Tesla’s cameras to tell you if you’re being followed in real-time.

Read More
Public Trust with PEAP Networks

With PEAP networks, authentication is performed via an MSChap handshake protected by a TLS tunnel. Since MSChap has been effectively broken

Read More
Out of The Box – Lateral Movements

With many defenders keenly focused on identifying malicious activity including lateral movement

Read More
Threat Hunting for Ransomware with CarbonBlack Response and AnyRun

Ransomware is still one of the most common incidents Tevora’s Digital Forensics and Incident Response responds to. There are many ways to hunt for threats and resources for a responder to utilize.

Read More
About Windows Process/Thread Tokens and Pass The Hash

Windows has a rich security model that is worth understanding to operate effectively on a red team or pentest.

Read More
Visualizing .NET Class Relationships using Roslyn and Neo4j

During a whitebox code review, having graphical representations of the layout of the code base can be highly beneficial, as the tester has limited time to learn and analyze the structure of the project.

Read More
Email Enumeration with Prowl

During an engagement, having an email list for your target can be useful for a variety of reasons.

Read More
A SharpView and More Aggressor

Any red team looking to improve is constantly adapting, changing their tactics and implementing new techniques & procedures.

Read More