Enterprise Security Names Red Siege as a Top 10 Vulnerability Management Company for 2019
By Red Siege | August 6, 2019
To help business providers in selecting promising vulnerability management services, a distinguished panel of prominent marketing specialists and analysts, along with the Enterprise Security Magazine editorial board, has assessed and shortlisted […]
On Purple
By Tim Medin | July 12, 2019
The “Purple Team” term has been flying around for a while now and it is an important development in our growth as an industry. If you haven’t heard the term […]
Logging Passwords on Linux
By Tim Medin | May 30, 2019
Hal Pomeranz tipped me off to a nasty little trick of using Linux’s own auditing features and PAM to grab clear text passwords from users as they use sudo/su on […]
Red Siege Welcomes Corey Overstreet
By Red Siege | May 23, 2019
Overstreet is an experienced penetration tester and red team operator and has been engaged with Fortune 500 organizations across a variety of industries, including financial services, government services, and healthcare. […]
Breaking into Infosec
By Mike Saunders | May 7, 2019
tl/dr; There are a lot of ways to get into infosec. I’ll try to outline some of the things that have helped me along the way and provide some resources […]
Finding the silver lining in getting your teeth kicked in
By Mike Saunders | March 27, 2019
Lots of pen test and red team blogs follow the same model: we came, we saw, we conquered, blue team tears flowed. This is not one of those blogs. TL/DR; […]
SQLi Data Exfiltration via DNS
By Mike Saunders | November 30, 2018
Did you know you can use DNS queries to exfiltrate data from a database via SQLi? No? Then continue reading! I’ll walk through some techniques you can use to enumerate […]
DerbyCon 8 – Web App 101: Getting the Lay of the Land
By Red Siege | October 5, 2018
Mike Saunders will be presenting “Web App 101: Lay of the Land” at DerbyCon 8, Saturday, October 6 at 12:00 PM, in Track 2 (upstairs). Mike draws on his experience […]
Maintaining Session States in .NET Apps With Burp
By Mike Saunders | September 21, 2018
During a recent web app test, I encountered a situation when I would be randomly logged out of the application when running sqlmap. I wasn’t manipulating any of the session […]
Capturing SQL Server User Hash with SQLi
By Mike Saunders | September 5, 2018
On a recent external web app pen test, I found a possible SQL injection vulnerability using the Burp Scanner. One of the tests triggered an A record lookup for the […]