Tevora Threat Blog
Threat Hunting for Ransomware with CarbonBlack Response and AnyRun
Ransomware is still one of the most common incidents Tevora’s Digital Forensics and Incident Response responds to. There are many ways to hunt for threats, and many resources a responder can use.
About Windows Process/Thread Tokens and Pass The Hash
Windows has a rich security model that is worth understanding to operate effectively on a red team or pentest.
Visualizing .NET Class Relationships using Roslyn and Neo4j
During a whitebox code review, having graphical representations of the layout of the code base can be highly beneficial, as the tester has limited time to learn and analyze the structure of the project.
Email Enumeration with Prowl
During an engagement, having an email list for your target can be useful for a variety of reasons.
A SharpView and More Aggressor
Any red team looking to improve is constantly adapting, changing their tactics and implementing new techniques & procedures.
Configuring Secure Boot + TPM 2
This post will walk through the process of automatically decrypting a LUKS-encrypted drive on boot using a chain of trust implemented via Secure Boot and TPM 2.
Blind Command Injection Testing with Burp Collaborator
In this post we will demonstrate how Burp Collaborator can be leveraged for detecting and exploiting blind command injection vulnerabilities.
Tevora employs a lot of different tools depending on what our need is. During penetration tests and red teams one of the most common that is used i