• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

War Room

Shells from above

RSM logo

  • Home
  • About
  • Blog
  • Talks/Whitepapers
  • Tools
  • Recreation

RSM Author

How to Perform OGNL Injection

February 2, 2023 By RSM Author

While we frequently discuss SQL injection and command injection, OGNL injection receives a lot less attention. What is OGNL? OGNL stands for “Object Graph Navigation Language,” which is written through Java and is used in the Apache Struts2 framework for web applications. Struts2 was originally created to build “enterprise ready web applications” and was known for being able ... READ MORE

Back To Basics: NTLM Relay

January 4, 2023 By RSM Author

BacktoBasics NTLM Relay

Despite being a veteran protocol, New Technology Lan Manager (NTLM) remains one of the most common authentication protocols used in Windows environments. Even though Kerberos offers enhanced security features over NTLM, many systems and functions still depend on NTLM, making it impossible for most organizations to move away from it entirely. Unfortunately, there are a number ... READ MORE

Back to Basics: Brute Forcing Techniques

November 16, 2022 By RSM Author

During an attack, a threat actor can often enumerate leverageable information through open-source intelligence (OSINT) gathering techniques. This can include information on users that are present on the target environment, such as usernames and email addresses. Often, a threat actor can use this information to craft a targeted list of users to facilitate a variety of attack ... READ MORE

2022 Attack Vectors Report

October 27, 2022 By RSM Author

Attack Vectors Report 2022

For many years, RSM has made a continuous effort to assist organizations in addressing cybersecurity challenges, provide tools to achieve a desired state of security, and deliver guidance for attack prevention. We perform security penetration testing to simulate attacks on internal networks and closely mimic security breaches within controlled environments. By conducting these ... READ MORE

Back to Basics: Kerberoasting

October 26, 2022 By RSM Author

Welcome back to our "Back to Basics" series, where we provide you with an overview of the bread and butter pentesting techniques that we regularly see compromise networks. In this week's installment, we're looking at Kerberoasting. Kerberoasting is a method to capture hashed passwords using the Kerberos network authentication protocol. This protocol protects network services ... READ MORE

CSRF on Anonymous Forms

January 26, 2018 By RSM Author

Using CSRF on Anonymous Forms This article will focus on linking CSRF vulnerabilities with phishing attacks to extend the lifetime of your captured credentials. Cross Site Request Forgery (CSRF) vulnerabilities on anonymous forms are often ignored or overlooked, but when combined with a credential-harvesting phishing campaign it extends the life of your captured credentials. ... READ MORE

Quick Reference: Empire Persistence Modules

December 15, 2017 By RSM Author

Empire Persistence

During a penetration test you may find yourself in a situation where your foothold in the network is tenuous and you need to establish persistence. Such as when your only foothold is on a workstation, the end of day is quickly approaching, and the user may shutdown their system. In these cases you'll likely have to save something to the hard disk, but what type of persistence ... READ MORE

Pentesting Restrictive Environments – Part 2

October 6, 2017 By RSM Author

Putting it all together Note: This blog is part 1/2 of Pentesting Restrictive Environments. I highly recommend reading part 1 if you have not! All of the equipment (and context) mentioned below is outlined in the first blog. After getting all of my Amazon packages, I flashed Kali Linux onto the MicroSD card and plugged it into the ODROID-C2. After getting the OS ... READ MORE

Pentesting Restrictive Environments – Part 1

October 6, 2017 By RSM Author

The Scenario On a recent engagement, the client was focused on testing the controls that were in place within the environment. The client wanted a penetration test conducted as a malicious employee using a heavily restricted, domain joined Windows host. The other caveat is that the client would be actively looking for me and works under a 3 strike system. I want to be clear ... READ MORE

Updating Anti-CSRF Tokens in Burp Suite

September 8, 2017 By RSM Author

Updating Anti-CSRF Tokens in Burp Suite Burp Suite developed by Portswigger, is the leading software for web application penetration testing. This application is a wonderful tool for fuzzing and automatically scanning HTTP requests to identify application-level vulnerabilities. Performing a web application penetration test against a target application that has developed a ... READ MORE

  • Go to page 1
  • Go to page 2
  • Go to Next Page »

Primary Sidebar

Categories

  • Defense
  • Forensics
  • Offense
  • Physical
  • R&D

Most Viewed Posts

  • DLL Injection Part 1: SetWindowsHookEx 10.8k views
  • Sophos UTM Home Edition – 3 – The Setup 10.8k views
  • Leveraging MS16-032 with PowerShell Empire 10k views
  • Bypassing Gmail’s Malicious Macro Signatures 9.8k views
  • How to Bypass SEP with Admin Access 8.9k views

Footer

  • RSS
  • Twitter
  • Tools
  • About
  • RSM US LLP

+1 800 903 6264

1 S Wacker Dr Suite 800
Chicago, IL 60606

Copyright © 2023 RSM US LLP. All rights reserved. RSM US LLP is a limited liability partnership and the U.S. member firm of RSM International, a global network of independent audit, tax and consulting firms. The member firms of RSM International collaborate to provide services to global clients, but are separate and distinct legal entities that cannot obligate each other. Each member firm is responsible only for its own acts and omissions, and not those of any other party. Visit for more information regarding RSM US LLP and RSM International.