Blog

Welcome to our blog, where we share our expertise and knowledge in offensive security services, including red teaming and penetration testing. Here, you’ll find in-depth articles on tools, commands, and code, along with the occasional war story for those eager to delve into the realities of cybersecurity. Stay tuned for updates on the latest trends and techniques in the world of offensive security, and join us on our journey to make the digital world a safer place.

  • RegreSSHion: Critical RCE Vulnerability Discovered in OpenSSH

    A recently discovered vulnerability in OpenSSH, dubbed “regreSSHion” (CVE-2024-6387), has security professionals scrambling to patch their systems. This blog post will dive into the details of this critical vulnerability, including affected systems, versions, exploit availability, and patching procedures. What is…

  • TIBER Red Team – A Story

    TIBER Red Team – A Story Our TIBER red team was engaged by a large financial institution to conduct a simulated cyber attack against their systems. The goal of the engagement was to identify and prioritize vulnerabilities in the organization’s…

  • Practical Impacket

    Practical Impacket This blog post document practical uses of impacket’s scripts that we have used in engagements, exams and during research. Impacket (https://github.com/SecureAuthCorp/impacket) is a brilliant collection of python scripts developed by SecureAuth used to work with network protocols and…

  • The Powershell Double Hop

    The Powershell Double Hop This post details overcoming the infamous double hop problem that exists in powershell. Once you have established a powershell remoting session on one computer, you are mostly limited to activity on that computer. From that session,…

  • Tunnel traffic through SSH connection

    A lot of times you may be able to get SSH access to a host at target’s network perimeter and want to scan their internal environments. It is possible to use the magic of SSH to tunnel your traffic through…

  • Extracting Active Directory Credentials from NTDS.dit Using Built-in Windows Commands

Sign Up For Our Newsletter!

Get notified of new blogs and services!

Get Updates

OFFSECURE Follow

High quality cybersecurity solutions designed to provide actionable security data for your enterprise. #pentesting #redteaming #consulting #mssp #vciso

offsecureio
offsecureio OFFSECURE @offsecureio ·
14 Oct

Need a Virtual CISO to enhance your security strategy? OFFSECURE has you covered! Learn more about our Virtual CISO services at #security #consulting #cybersecurity

Reply on Twitter 1845741382641627605 Retweet on Twitter 1845741382641627605 Like on Twitter 1845741382641627605 1 Twitter 1845741382641627605
offsecureio OFFSECURE @offsecureio ·
14 Oct

Check out our latest article on “Phishing” and learn more about red teaming strategies to protect your organization from cyber threats. #Cybersecurity #RedTeaming #PhishingSecurity #OffSecure

[Link to the article](https://offsecure.io/red-teaming/phishing/)

Reply on Twitter 1845741360642490710 Retweet on Twitter 1845741360642490710 Like on Twitter 1845741360642490710 Twitter 1845741360642490710
offsecureio OFFSECURE @offsecureio ·
14 Oct

Explore in-depth threat intelligence assessments with OFFSECURE to strengthen your red teaming strategies. Learn more here: https://offsecure.io/red-teaming/threat-intelligence-assessment/ #CyberSecurity #RedTeaming #ThreatIntelligence

Reply on Twitter 1845741335468216660 Retweet on Twitter 1845741335468216660 Like on Twitter 1845741335468216660 Twitter 1845741335468216660
Load More