Blog

Welcome to our blog, where we share our expertise and knowledge in offensive security services, including red teaming and penetration testing. Here, you’ll find in-depth articles on tools, commands, and code, along with the occasional war story for those eager to delve into the realities of cybersecurity. Stay tuned for updates on the latest trends and techniques in the world of offensive security, and join us on our journey to make the digital world a safer place.

  • RegreSSHion: Critical RCE Vulnerability Discovered in OpenSSH

    A recently discovered vulnerability in OpenSSH, dubbed “regreSSHion” (CVE-2024-6387), has security professionals scrambling to patch their systems. This blog post will dive into the details of this critical vulnerability, including affected systems, versions, exploit availability, and patching procedures. What is…

  • TIBER Red Team – A Story

    TIBER Red Team – A Story Our TIBER red team was engaged by a large financial institution to conduct a simulated cyber attack against their systems. The goal of the engagement was to identify and prioritize vulnerabilities in the organization’s…

  • Practical Impacket

    Practical Impacket This blog post document practical uses of impacket’s scripts that we have used in engagements, exams and during research. Impacket (https://github.com/SecureAuthCorp/impacket) is a brilliant collection of python scripts developed by SecureAuth used to work with network protocols and…

  • The Powershell Double Hop

    The Powershell Double Hop This post details overcoming the infamous double hop problem that exists in powershell. Once you have established a powershell remoting session on one computer, you are mostly limited to activity on that computer. From that session,…

  • Tunnel traffic through SSH connection

    A lot of times you may be able to get SSH access to a host at target’s network perimeter and want to scan their internal environments. It is possible to use the magic of SSH to tunnel your traffic through…

  • Extracting Active Directory Credentials from NTDS.dit Using Built-in Windows Commands

Sign Up For Our Newsletter!

Get notified of new blogs and services!

Get Updates

OFFSECURE Follow

High quality cybersecurity solutions designed to provide actionable security data for your enterprise. #redteaming #adversaryops #pentesting #consulting

offsecureio
offsecureio OFFSECURE @offsecureio ·
8 Mar

THREAT PROFILE: Sandworm exhibits a pattern of destructive attacks, including the infamous Olympic Destroyer and Industroyer malware. Their operations aim to disrupt and damage critical systems, showcasing their focus on physical-world impacts. #OffensiveSecurity #InfoSec

Reply on Twitter 2030675709941682289 Retweet on Twitter 2030675709941682289 Like on Twitter 2030675709941682289 Twitter 2030675709941682289
offsecureio OFFSECURE @offsecureio ·
6 Mar

Did you know that over 80% of breaches are linked to vulnerabilities that could have been mitigated? Are you prepared to face the next cyber threat? Explore how our red team assessments can strengthen your defenses. Learn more at the link in our bio.

Reply on Twitter 2029971821924057323 Retweet on Twitter 2029971821924057323 Like on Twitter 2029971821924057323 Twitter 2029971821924057323
offsecureio OFFSECURE @offsecureio ·
5 Mar

In May 2017, the WannaCry ransomware attack wreaked havoc globally, affecting over 200,000 machines across 150+ countries. This massive cyber incident highlighted vulnerabilities in systems and the critical need for effective cybersecurity measures.

Reply on Twitter 2029589087582064948 Retweet on Twitter 2029589087582064948 Like on Twitter 2029589087582064948 Twitter 2029589087582064948
offsecureio OFFSECURE @offsecureio ·
4 Mar

THREAT PROFILE: FIN7, also known as the Carbanak Group or Carbon Spider, is a notorious cybercriminal organization active since 2015. They are renowned for their sophisticated operations targeting retail, hospitality, and financial sectors. #ThreatIntel #CyberSecurity

Reply on Twitter 2029195467167318501 Retweet on Twitter 2029195467167318501 Like on Twitter 2029195467167318501 Twitter 2029195467167318501
Load More