Tools and Techniques

Networking Fundamentals Part I

By Red Siege | February 10, 2021

This blog is the first of three in a series to go over some basic networking fundamentals that every security professional should know. These blogs are geared towards the absolute […]

SiegeCast : Web Api Weaknesses

By Justin Connors | January 11, 2021

Threading the Needles: Why Defense in Depth Still Matters

By Mike Saunders | January 6, 2021

I recently performed an assumed breach test against what I would consider an Apex Defender organization. The security team is smart, well-funded, extremely capable, and resourceful. The team has both […]

Free Backgrounds for Everyone!

By Justin Connors | December 8, 2020

No one knows what the future holds, but 2021 is shaping up to be another year of remote work and video conferences. With that in mind, we wanted to provide […]

Netcat and MFD’s – The Gifts That Keep on Giving

By Mike Saunders | October 30, 2020

It’s fairly well known that printers and MFDs can be a gateway to compromise on otherwise secured networks. We regularly encounter networks filled with these devices internal tests and (ab)use […]

Detecting Kerberoasting

By Tim Medin | October 21, 2020

Kerberoasting is an effective method for privilege escalation, pivoting, and even persistence. Let’s take a look at ways to detect (and prevent) this attack. Jump to the portion of this […]

CIO Review Names Red Siege as a Top 10 Most Promising Enterprise Security Company for 2020

By Justin Connors | August 25, 2020

In order to assist software companies in countering malicious attacks, CIO has compiled the Top 10 most promising enterprise security solution providers for 2020. Exciting news to discover that Red […]

User Enumeration Part 3 – Windows

By Mike Saunders | April 16, 2020

This is the third installment in a series of blogs on user enumeration. In Part 1 – Building Name Lists, I talked about ways of building usernames from OSINT and […]

Recon Methods Part 5 – Traffic on the Target

By Red Siege | April 7, 2020

In the previous parts of this series, we looked at different ways to gather intelligence on a target without generating traffic on their hosts through manual processes and automated tools. […]

Recon Methods Part 4 – Automated OSINT

By Red Siege | April 1, 2020

In the first three parts of this series, we learned about manual methods for gathering intelligence about a target company, their external hosts, and their employees manually through a myriad […]