Blog

Welcome to our blog, where we share our expertise and knowledge in offensive security services, including red teaming and penetration testing. Here, you’ll find in-depth articles on tools, commands, and code, along with the occasional war story for those eager to delve into the realities of cybersecurity. Stay tuned for updates on the latest trends and techniques in the world of offensive security, and join us on our journey to make the digital world a safer place.

  • RegreSSHion: Critical RCE Vulnerability Discovered in OpenSSH

    A recently discovered vulnerability in OpenSSH, dubbed “regreSSHion” (CVE-2024-6387), has security professionals scrambling to patch their systems. This blog post will dive into the details of this critical vulnerability, including affected systems, versions, exploit availability, and patching procedures. What is…

  • TIBER Red Team – A Story

    TIBER Red Team – A Story Our TIBER red team was engaged by a large financial institution to conduct a simulated cyber attack against their systems. The goal of the engagement was to identify and prioritize vulnerabilities in the organization’s…

  • Practical Impacket

    Practical Impacket This blog post document practical uses of impacket’s scripts that we have used in engagements, exams and during research. Impacket (https://github.com/SecureAuthCorp/impacket) is a brilliant collection of python scripts developed by SecureAuth used to work with network protocols and…

  • The Powershell Double Hop

    The Powershell Double Hop This post details overcoming the infamous double hop problem that exists in powershell. Once you have established a powershell remoting session on one computer, you are mostly limited to activity on that computer. From that session,…

  • Tunnel traffic through SSH connection

    A lot of times you may be able to get SSH access to a host at target’s network perimeter and want to scan their internal environments. It is possible to use the magic of SSH to tunnel your traffic through…

  • Extracting Active Directory Credentials from NTDS.dit Using Built-in Windows Commands

Sign Up For Our Newsletter!

Get notified of new blogs and services!

Get Updates

OFFSECURE Follow

High quality cybersecurity solutions designed to provide actionable security data for your enterprise. #redteaming #adversaryops #pentesting #consulting

offsecureio
offsecureio OFFSECURE @offsecureio ·
25 Mar

Myth: We can buy our way out of risk. Investing in tools and software guarantees our security. #CyberSecurity #InfoSec

Reply on Twitter 2036600471348027460 Retweet on Twitter 2036600471348027460 Like on Twitter 2036600471348027460 Twitter 2036600471348027460
offsecureio OFFSECURE @offsecureio ·
23 Mar

In 2023, the FBI IC3 reported a 60% increase in ransomware attacks. As threats become more sophisticated, businesses need proactive measures. Red team assessments can uncover vulnerabilities before attackers do. Secure your defenses today at http://OffSecure.io.

Reply on Twitter 2036033406752940522 Retweet on Twitter 2036033406752940522 Like on Twitter 2036033406752940522 Twitter 2036033406752940522
offsecureio OFFSECURE @offsecureio ·
19 Mar

In 2023, the healthcare sector saw a 60% increase in ransomware attacks, according to the FBI IC3. With sensitive data at risk, proactive measures like red team assessments are crucial. Ensure your defenses are robust. Learn more at https://offsecure.io.

Reply on Twitter 2034447049689575429 Retweet on Twitter 2034447049689575429 Like on Twitter 2034447049689575429 Twitter 2034447049689575429
offsecureio OFFSECURE @offsecureio ·
18 Mar

In June 2017, the NotPetya cyberattack emerged, initially targeting Ukraine but quickly spreading globally. This destructive malware wreaked havoc on major corporations, highlighting vulnerabilities in software supply chains and urgent cybersecurity needs.

Reply on Twitter 2034087150505877688 Retweet on Twitter 2034087150505877688 Like on Twitter 2034087150505877688 Twitter 2034087150505877688
Load More