Blog

Preparing for a Penetration Test: Insights from Tim Medin, CEO of Red Siege Information Security

By Tim Medin | November 13, 2023

As the CEO of Red Siege Information Security, I’ve had the privilege of building an outstanding team of ethical hackers to conduct numerous penetration tests for organizations across many industries. […]

Learn More
Preparing for a Penetration Test: Insights from Tim Medin, CEO of Red Siege Information Security

Adventures in Shellcode Obfuscation! Part 1: Overview

By Red Siege | June 17, 2024

by Mike Saunders, Principal Security Consultant This blog is the first in a series of articles on methods for obfuscating shellcode. I’ll be focusing on how to obfuscate shellcode to […]

Learn More
Adventures in Shellcode Obfuscation! Part 1: Overview

Essential Steps for Management to Maximize the Value of a Penetration Test Report

By Red Siege | June 3, 2024

by Tim Medin, CEO Penetration testing is a critical component of a well-rounded cybersecurity strategy. Penetration testing identifies vulnerabilities before malicious actors can exploit them. However, the true value of […]

Learn More
Essential Steps for Management to Maximize the Value of a Penetration Test Report

Fun With JWT X5u

By Red Siege | May 30, 2024

by Senior Security Consultant Douglas Berdeaux On a recent web application penetration test engagement, I came across a JSON Web Token (JWT) that contained an x5u header parameter. I almost […]

Learn More
Fun With JWT X5u
Adventures in Shellcode Obfuscation! Part 1: Overview

by Mike Saunders, Principal Security Consultant This blog is the first in a series of articles on methods for obfuscating shellcode. I’ll be focusing on how to obfuscate shellcode to […]

Fun With JWT X5u

by Senior Security Consultant Douglas Berdeaux On a recent web application penetration test engagement, I came across a JSON Web Token (JWT) that contained an x5u header parameter. I almost […]

Extend Your Browser

by Ian Briley, Security Consultant In my last blog, I discussed using only a browser for web application testing, emphasizing how useful built-in browser tools like the Inspector and Console […]

SiegeCast: Practical People Hacking

  Introduction: In an enlightening conversation, Security Consultant Jason Downey and Senior Security Consultant Cory Overstreet delved into the intricate world of social engineering, focusing on phishing, vishing, and physical […]

SiegeCast: The Way of the Spray

August 24th at 3pm Eastern. In a world where the security landscape is ever changing, weak passwords and an attackers ability to leverage that weakness is the gift that keeps […]

SiegeCast: Unpacking the Packet

  Introduction: In a recent session, Jason Downey, a seasoned Security Consultant at Red Siege Information Security, took us through the foundational elements of networking that are crucial for every […]

Find Out What’s Next

Stay in the loop with our upcoming events.