Tevora's Threat Blog
Tevora Threat Advisory: ShinyHunters Escalate Attacks via Cloud
Strategic Intelligence indicates an emerging extortion campaign linked to several threat clusters believed to be associated with the ShinyHunters criminal hacker and extortion group. The threat group, long established in high-profile data br...
Read More about Tevora Threat Advisory: ShinyHunters Escalate Attacks via Cloud
Show Filters
Skip Cracking Responder Hashes and Relay Them
Responder is a go-to tool for most pentesters. We use it quite often on pentests to quickly gain ...
Read More about Skip Cracking Responder Hashes and Relay Them
Cracking NTLMv1 Handshakes with Crack.sh
This post will show how to crack NTLMv1 handshakes with the crack.
Gaining Code Execution with Injection on Java args
Recently on a pentest, we encountered a web application that allowed us to control command line a...
Read More about Gaining Code Execution with Injection on Java args
USB Drives, Desktop.ini, and NTLM hashes
USB dropping is one of those famous ‘hacker’ moves from the 2000’s that lives on in infamy.
A Valiant Effort at a Stealthy Backdoor
We will be discussing a technique that isn't utilized too often anymore and has been around for m...
Biscom Secure File Transfer Arbitrary File Download
Biscom Secure File Transfer is an application that gives the ability for companies to share files...
Read More about Biscom Secure File Transfer Arbitrary File Download
Penetration Testing with Splunk
Splunk has released an excellent blog post covering the best practices for deploying Splunk securely
Dissecting Veil-Evasion Powershell Payloads and Converting to a Bind Shell
There are many popular and powerful payloads available to us as penetration testers, and oftentim...
Read More about Dissecting Veil-Evasion Powershell Payloads and Converting to a Bind Shell