
War Room

Shells from above


Blog

Crimson Forge

December 12, 2019 By steiner

Today RSM US has released a new research project dubbed Crimson Forge. The project originated from the desire to add evasion capabilities to existing, native payloads. The intention is to target x86 and AMD64 shellcode and automatically rewrite it to evade signature-based detections. The issue with many existing implementations is that they rely on "encoding" the payload and ... READ MORE

Solarwinds

October 14, 2019 By benichmt1

How a Default SolarWinds Guest Account Can Facilitate Compromise – and How to Fix It The Problem SolarWinds is a leading provider of network monitoring and configuration management software. However, there’s a default feature on the SolarWinds Orion Network Performance Monitor tool that could be putting your organization at big risk. The issue is a default guest account ... READ MORE

No More Mimikatz

October 14, 2019 By Kyle Zeigler

Mitigating Windows Credential Flaws There’s a vulnerability in Windows systems that is leveraged time and time again while compromising a network. Though the technique is well known to attackers, it is rarely mitigated effectively. Bad combination. But it’s convenient… Windows systems will cache user credentials in system memory. In cleartext. This is a default feature in ... READ MORE

Stanford Password Policy

October 14, 2019 By Kyle Zeigler

A creative solution for stronger passwords Rules, Rules, Rules Most of us are familiar with basic password rules: Don’t use ‘password’. Duh. Don’t use your username as your password. Got it. Don’t repeat the same password for multiple accounts. Don’t choose an easily guessable password combination, even if it looks complex, e.g. ‘Winter2016’. Ok… I know ... READ MORE

SMB Relay

October 14, 2019 By Kyle Zeigler

SMB Relay Attack The SMB relay attack has been around for years, and publicly available tools make the attack easier to carry out. The attack can result in a full network compromise with relatively little effort or expertise on the part of the attacker, making this a very common technique. What’s worse, we’ve noticed many organizations are vulnerable to this attack and might ... READ MORE

Google Dorks

October 14, 2019 By Kyle Zeigler

Google Dork: Finding the Information You Don’t Know Exists Reconnaissance Reconnaissance. It’s a technique not unknown to most teenagers, and if we’re honest, we’ve all done it ourselves too – Googling the person you just met at the bar, Facebook stalking the new person at work, we all know the drill. This is the age of social media and data breaches, so we all know there’s ... READ MORE

King Phisher Release Version 1.15

September 24, 2019 By wolfthefallen

King Phisher v1.15 is here! With this release you can now choose what columns are visible while viewing campaign messages, visits and credentials. Additionally, if you are having issues with King Phisher configuring its pipenv environment, you can now provide the --env-verbose flag on ./KingPhisher --env-install or ./KingPhisher --env-install. This will provide more ... READ MORE

King Phisher Release v1.14

August 1, 2019 By wolfthefallen

It is time for the next release of King Phisher! Continuing down the path of making it easier to set your Web Server URL, the campaign editor now features an interactive URL builder component. This allows users to easily select the scheme, hostname and landing page as suggested by the server, making it easier to select a proper URL. In addition, King Phisher now integrates ... READ MORE

Saurus’ Guide to Security+

June 5, 2019 By Saurus

Hello fellow security professionals and those aspiring to be! Saurus here and excited to write to you on a new blog post. Being a consultant keeps me fairly busy. In addition to managing my workload I recently obtained my CompTIA Security+ certification. While the experience of taking the exam is still fresh in mind, I wanted to draft up a blog post about some of the ... READ MORE

GTP Scanning

May 7, 2019 By steiner

A while ago I was working on an assessment where I was exposed to General Packet Radio Service (GPRS) servers. Having not been familiar with this particular technology, I started to read about the details of the protocol and its implementation. One of the best resources I found was the presentation "Practical security research on 3G and 4G mobile telecommunications networks", ... READ MORE


