Reject Passwords, Return to (Security) Keys
By Red Siege | November 28, 2023
from Ian Briley, Security Consultant The weakest link in your information security chain will always be the human behind the keyboard. No matter how much death by PowerPoint security training […]
Learn MoreCLICK ON EVERYTHING (in Burp)
By Red Siege | October 5, 2023
In this blog post I wanted to share a few tips and tricks I’ve found in Burp that have really helped me in the past. Double Click and Right Click […]
Learn MoreVishing: How to Protect Your Business from Phone-Based Social Engineering Attacks
By Red Siege | September 22, 2023
from Jason Downey, Security Consultant In our digital world today, where cyber stuff keeps changing all the time, there’s this sneaky attack method that’s been popping up more and more […]
Learn MoreHouse cat to Hashcat
By Red Siege | August 22, 2023
by Jason Downey, Security Consultant The Basics Password cracking is a key tool in every penetration tester’s toolbox and is something blue teamers should do on a regular basis […]
Learn MoreObfuscating Shellcode Using Jargon
By Red Siege | July 31, 2023
by Mike Saunders, Principal Security Consultant In a recent blog , we discussed how encrypting shellcode leads to increased entropy, which may result in your shellcode loader being blocked and/or […]
Learn MoreBrowser Only Web Application Testing
By Red Siege | July 24, 2023
By: Ian Briley, Security Consultant Spoiler Alert: Burp is the number one tool most people use while testing web applications. If you want to be an open-source champion, ZAP from […]
Learn MoreIntroduction to Mythic C2
By Red Siege | June 28, 2023
By: Justin Palk, Senior Security Consultant Continuing along with my occasional series looking at how to set up and use various C2 frameworks, this is a guide to Mythic C2. Developed […]
Learn MoreRed Siege acquires FortyNorth Security
By Red Siege | June 5, 2023
Red Siege strengthens its offensive security consulting offerings with the acquisition of FortyNorth Security. The transaction expands Red Siege’s services to its clients with more leading-edge open source and private […]
Learn MoreEvading CrowdStrike Falcon Using Entropy
By Red Siege | April 11, 2023
from Mike Saunders, Principal Consultant tl/dr You’re encrypting your shellcode so you don’t get caught, and that might get you caught. Introduction I’ve encountered CrowdStrike Falcon Protect on engagements many […]
Learn MoreWriting Strategy Guides to Defeating Cyber Security
By Red Siege | December 5, 2022
by Senior Security Consultant Douglas Berdeaux The Almighty Strategy Guide to the Rescue! With the end of the year approaching, I took some time to reflect on what the […]
Learn More