Red Teaming Guide | Part 1
So You Want a Red Team: The Primer In my former life, I was a member of an institutional Red Team at a Fortune 500 organization with several colleagues and […]
Blog
Social Engineers Best Friend – Part 1: Proxmark3 & RFIDs
When performing onsite social engineering engagements for clients, regardless of industry, 95% of the time you will see some sort of technology involving RFID utilized to manage access (interior and […]
Brief CMD+CTRL Cyber Range Review
Secure360 just took place here in Minnesota on May 14th through the 15th. One interesting addition this year I noticed was the Cyber Range Capture The Flag (CTF). At the […]
Password Cracking Rig
In this blog post, we’ll talk about White Oak Security’s password cracking rig. Additionally, we will cover some simple changes that can be implemented into your Active Directory environment, that […]
Attracting & Retaining Women in Security – Part Four
In my last post, I talked about some of the reasons that women are leaving the security profession at a much higher rate than men and what needs to change […]
Gone In 60 Mobile Apps – part 1
This series of posts is in no way showcases a full penetration test, which does a much deeper dive into an application’s risks and utilizes many more tools and manual […]
Guest Blog: Attracting & Retaining Women in Security – Part Three
In my last two posts, I talked about how the shortage of security professionals and the fact that women make up only 14% of the U. S. cybersecurity workforce have […]
Building An Application Security Program: Part 2
Read Part 1 here.. Last time we talked about how you would start an application security program and I want to try to move into a discussion around how you […]
Determining Valid User Accounts In Web Applications
New security breaches are occurring on an almost daily basis. Attackers often gather breach data in search of attacking valid user accounts on other websites, such as the 773 million […]
Guest Blog: Attracting & Retaining Women in Security – Part Two
In my last post, I talked about how the shortage of security professionals and the fact that women make up only 14% of the U. S. cybersecurity workforce have combined […]