Displaying post from category:

Blog Posts

Dumping LSASS Like it’s 2019

By Red Siege | March 4, 2024

By Alex Reid, Current Red Siege Intern   A long-time tactic of threat actors and offensive security professionals alike, tampering with LSASS.exe in order to recover credentials remains a highly […]

Learn More
Dumping LSASS Like it’s 2019

Better Living Through OpenSSH Config Files

By Red Siege | February 15, 2024

By: Justin Palk, Senior Security Consultant   SSH is an incredibly valuable tool for penetration testing. It provides us with a secure channel for administering machines, remotely executing tools, transferring […]

Learn More
Better Living Through OpenSSH Config Files

GraphStrike: Anatomy of Offensive Tool Development

By Red Siege | January 22, 2024

By: Alex Reid, Current Red Siege Intern Introduction This blog post accompanies the release of an open source tool called GraphStrike which can be found here. Those familiar with my […]

Learn More
GraphStrike: Anatomy of Offensive Tool Development

GraphStrike: Using Microsoft Graph API to Make Beacon Traffic Disappear

By Red Siege | January 22, 2024

By: Alex Reid, Current Red Siege Intern We at Red Siege are proud to introduce GraphStrike: a tool suite for use with Cobalt Strike that enables Beacons to use Microsoft […]

Learn More
GraphStrike: Using Microsoft Graph API to Make Beacon Traffic Disappear

You Can’t See Me – Protecting Your Phishing Infrastructure

By Red Siege | January 10, 2024

By: Mike Saunders, Principal Security Consultant If you’re a red teamer, you may know the pain of spending hours building your phishing infrastructure, setting up your phishing sites and landing […]

Learn More
You Can’t See Me – Protecting Your Phishing Infrastructure

Reject Passwords, Return to (Security) Keys

By Red Siege | November 28, 2023

from Ian Briley, Security Consultant The weakest link in your information security chain will always be the human behind the keyboard. No matter how much death by PowerPoint security training […]

Learn More
Reject Passwords, Return to (Security) Keys

Preparing for a Penetration Test: Insights from Tim Medin, CEO of Red Siege Information Security

By Tim Medin | November 13, 2023

As the CEO of Red Siege Information Security, I’ve had the privilege of building an outstanding team of ethical hackers to conduct numerous penetration tests for organizations across many industries. […]

Learn More
Preparing for a Penetration Test: Insights from Tim Medin, CEO of Red Siege Information Security

Click on Everything (in Burp)

By Red Siege | October 5, 2023

In this blog post I wanted to share a few tips and tricks I’ve found in Burp that have really helped me in the past. Double Click and Right Click […]

Learn More
Click on Everything (in Burp)

Vishing: How to Protect Your Business from Phone-Based Social Engineering Attacks

By Red Siege | September 22, 2023

from Jason Downey, Security Consultant In our digital world today, where cyber stuff keeps changing all the time, there’s this sneaky attack method that’s been popping up more and more […]

Learn More
Vishing: How to Protect Your Business from Phone-Based Social Engineering Attacks

House cat to Hashcat

By Red Siege | August 22, 2023

by Jason Downey, Security Consultant   The Basics¬† Password cracking is a key tool in every penetration tester’s toolbox and is something blue teamers should do on a regular basis […]

Learn More
House cat to Hashcat