On July 13, 2020, SAP software released a patch impacting the SAP NetWeaver Application Server Java versions 7.5 and earlier. The vulnerability dubbed RECON (Remotely Exploitable Code on NetWeaver) Specifically targets SAP NetWeaver Java while ... READ MORE
Main Content
From the War Room Blog
Building a Lab Network in Proxmox and Sophos UTM9
One of the best ways to acquire and maintain an offensive security skill set is to build a home lab and populate it with intentionally vulnerable machines. The most straightforward option is to simply spin up VMs in VirtualBox or VMWare Player and ... READ MORE
Office 365—Magic Logs Uncovered
The Dark Ages According to the FBI’s 2019 IC3 report, the IC3 unit received 23,775 business email compromise (BEC) complaints with losses of over $1.7 billion (FBI IC3 Report[1]). We have found that, first and foremost, threat actors are trying to ... READ MORE
Using EDR as an Incident Response Tool
What is EDR? Endpoint detection and response (EDR) has been a buzzword in the world of cybersecurity for the last couple years, but what does that really mean? EDR tools are designed to continuously monitor systems for anomalous or malicious ... READ MORE
Enumerating Emails via Office.com
On a recent penetration test, I discovered that manually attempting to log into Office.com would give an indication as to whether an email address exists or not. Both of the techniques I was familiar with for Office365 username enumeration, using the ... READ MORE
Socially Susceptible – Augmenting phishing with machine learning classifiers
Crafting sophisticated phishing campaigns is a necessary part of offensive tradecraft for testing security conscious and complex environments. The old adage goes "a chain is only as strong as its weakest link". Historically this chain has been ... READ MORE