Tevora's Threat Blog
Practice Makes Perfect: Testing Critical Applications with Adversary Simulation
In today’s rapidly evolving digital landscape, protecting sensitive data, and ensuring robust security measures is of paramount importance. One area that has made recent headlines – and therefore requires special attention – is Identity and ...
Read More about Practice Makes Perfect: Testing Critical Applications with Adversary Simulation
Show Filters
Public Trust with PEAP Networks
With PEAP networks, authentication is performed via an MSChap handshake protected by a TLS tunnel...
Out of The Box – Lateral Movements
With many defenders keenly focused on identifying malicious activity including lateral movement
Threat Hunting for Ransomware with CarbonBlack Response and AnyRun
Ransomware is still one of the most common incidents Tevora’s Digital Forensics and Incident Re...
Read More about Threat Hunting for Ransomware with CarbonBlack Response and AnyRun
About Windows Process/Thread Tokens and Pass The Hash
Windows has a rich security model that is worth understanding to operate effectively on a red tea...
Read More about About Windows Process/Thread Tokens and Pass The Hash
Visualizing .NET Class Relationships using Roslyn and Neo4j
During a whitebox code review, having graphical representations of the layout of the code base ca...
Read More about Visualizing .NET Class Relationships using Roslyn and Neo4j
During an engagement, having an email list for your target can be useful for a variety of reasons.
A SharpView and More Aggressor
Any red team looking to improve is constantly adapting, changing their tactics and implementing n...
Configuring Secure Boot + TPM 2
This post will walk through the process of automatically decrypting a LUKS encrypted drive on boo...
Blind Command Injection Testing with Burp Collaborator
In this post we will demonstrate how Burp Collaborator can be leveraged for detecting and exploit...
Read More about Blind Command Injection Testing with Burp Collaborator
Tevora employs a lot of different tools depending on what our need is. During penetration tests a...
5 Minute Forensics: Decoding PowerShell Payloads
Through consulting with several of our clients during IR engagements, we have discovered that sev...
Read More about 5 Minute Forensics: Decoding PowerShell Payloads
RTOps: Automating Redirector Deployment With Ansible
This blog will cover what redirectors are, why they are important for red teams, and how to autom...
Read More about RTOps: Automating Redirector Deployment With Ansible
SecSmash: Leveraging Enterprise Tools
We are releasing the SecSmash tool we announced at BSIDES LV. SecSmash is a framework that allows...
Release the Kraken: Starting Your Password Cracking Journey
Password cracking is a crucial part of a pentest. It can either lead you to the promised land, or...
Read More about Release the Kraken: Starting Your Password Cracking Journey
Lay of the Land with Bloodhound
When I came across the tool BloodHound, it quickly became one of the go-to tools in my arsenal.
As pentesters, our job is to demonstrate the risk of unpatched vulnerabilities to the business.