Discover our latest articles
The articles below are a collection of our latest research, guidance, blog posts and miscellaneous other content.
The articles below are a collection of our latest research, guidance, blog posts and miscellaneous other content.
Manage Active Directory implementations such as AWS Directory Service have many benefits; but one of their downsides is that they prevent traditional password auditing techniques from being used. However, it is still possible to carry out password auditing in these environments, which can be a useful way to identify weak and re-used passwords within them.
Learn More
When setting up an AWS environment, it’s often desirable to prevent administrative access from untrusted locations. This is important not just to prevent external attackers from gaining access to the environment, but also to provide control over the data within it, and to prevent legitimate users from accessing the environment from personal or unauthorised systems. One of the common ways that this is done is by configuring Trust Relationships (also known as Trust Policies).
Learn More
As pentesters, we often come across applications that implement custom cryptography to protect sensitive information such as passwords or API keys. Proper cryptanalysis of this encryption schemes is usually outside of the scope of the engagement (if only due to the lack of time) - but it’s often useful to be able to quickly reverse this encryption from a white-box perspective, so that the encrypted secrets can be leveraged elsewhere in the environment.
Learn More
Multi-Factor Authentication (MFA) is widely accepted as one of the key security controls that should be implemented to protect user and administrative accounts, especially for externally facing systems. However, it’s not just enough to check whether MFA is present: the security of the implementation also needs to be thoroughly tested to ensure that it is robust and effective.
Learn More
While password auditing for Active Directory accounts is a well-established process (and discussed in a previous article), password auditing methods for FreeIPA or Red Hat Identity Management are less well known, and as such may be overlooked or forgotten.
Learn More
Weak passwords are one of the most common ways that attackers are able to compromise an environment. If you’re using a traditional on-premise Active Directory, then carrying out your own password auditing is a very effective way to identify weak passwords in your network, and to measure the effectiveness of policy changes and training programs.
Learn More
The traditional approach to carrying out web application testing has been to just test the application itself, and optionally to carry out external network testing against the server that it is running on. Although this approach can provide a degree of assurance, it misses many of the key areas that need to be considered for modern cloud-based applications.
Learn More
Password auditing of Active Directory is a common and well-understood practice, and a key security process that many organisations implement. However, with the shift to Azure, the existing methods can’t be used.
Learn More
If you are a security, infrastructure, or project manager, then using whitebox testing methodology can give you greater assurance and better test coverage for the time allocated. This article sets out to explain why.
Learn More