Attacking SAML implementations

Attacking SAML implementations

By Red Siege | November 2, 2021

SAML and SAML Attacks Recently a client mentioned that they wanted me to pay particular attention to the SAML authentication on an app I was going to be testing. It’s […]

Learn More
Attacking SAML implementations

SiegeCast: Cobalt Strike Basics

By Red Siege | September 13, 2021

Sept 14th at 3pm Eastern. Tim Medin breaks down everything you need to know about Cobalt Strike with its very own Tech Director, Joe Vest How to watch: Youtube: https://redsiege.com/ytsubscribe […]

Learn More
SiegeCast: Cobalt Strike Basics

Bypassing Signature-Based AV

By Red Siege | August 25, 2021

If you want to execute arbitrary code on an endpoint during a penetration test, red team, or assumed breach, chances are you’ll have to evade some kind of antivirus solution. […]

Learn More
Bypassing Signature-Based AV

SiegeCast: The Way of the Spray

By Red Siege | August 24, 2021

August 24th at 3pm Eastern. In a world where the security landscape is ever changing, weak passwords and an attackers ability to leverage that weakness is the gift that keeps […]

Learn More
SiegeCast: The Way of the Spray

Now Streaming SiegeCasts!

By Red Siege | August 17, 2021

We are excited to bring you this brand new SiegeCast in a fresh new format!  On August 24th at 3pm Eastern the new SiegeCast from  Security Consultant Jason Downey will […]

Learn More
Now Streaming SiegeCasts!

Sans Core Netwars Tournament of Champions Europe

By Red Siege | August 9, 2021

From Justin Palk, Security Consultant: I’ll be honest, it feels good to win. Popping a shell sends a shiver down my spine. But getting into a duel with another team […]

Learn More
Sans Core Netwars Tournament of Champions Europe

Hacking OAuth2.0

By Red Siege | March 22, 2021

The intent of this blog is to help penetration testers and security researchers get a deeper understanding of the OAuth protocol. We are going to learn how to bypass authentication […]

Learn More
Hacking OAuth2.0

Networking Fundamentals Part I

By Red Siege | February 10, 2021

This blog is the first of three in a series to go over some basic networking fundamentals that every security professional should know. These blogs are geared towards the absolute […]

Learn More
Networking Fundamentals Part I

Recon Methods Part 5 – Traffic on the Target

By Red Siege | April 7, 2020

In the previous parts of this series, we looked at different ways to gather intelligence on a target without generating traffic on their hosts through manual processes and automated tools. […]

Learn More
Recon Methods Part 5 – Traffic on the Target

Recon Methods Part 4 – Automated OSINT

By Red Siege | April 1, 2020

In the first three parts of this series, we learned about manual methods for gathering intelligence about a target company, their external hosts, and their employees manually through a myriad […]

Learn More
Recon Methods Part 4 – Automated OSINT