• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

War Room

Shells From Above

RSM logo

  • Home
  • About
  • Blog
  • Talks/Whitepapers
  • Tools
  • Recreation

Offense

Red Team Assessments vs Penetration Testing Assessments

May 18, 2023 By RSM Author

At RSM, one of our goals is to help guide the client into choosing the right test for them. This isn’t always as simple as it sounds, as it takes into consideration factors such as goals or size of the network. One of the most common questions we receive are on the difference between a penetration assessment and a Red Team assessment. Many in the cybersecurity world also ... READ MORE

Managed Vs. Federated Office 365: What’s the Difference?

March 14, 2023 By Ryan Shockling

Computer

When considering the methods of attack an organization should defend itself, what comes to mind? Certainly, you should defend yourself against the most devastating forms of attack. That missing patch that leads to full domain compromise? Take care of that immediately. That password policy that means everyone uses “1234”? Should probably look at that too. What about the most ... READ MORE

How to Perform OGNL Injection

February 2, 2023 By RSM Author

While we frequently discuss SQL injection and command injection, OGNL injection receives a lot less attention. What is OGNL? OGNL stands for “Object Graph Navigation Language,” which is written through Java and is used in the Apache Struts2 framework for web applications. Struts2 was originally created to build “enterprise ready web applications” and was known for being able ... READ MORE

WMI & PowerShell for Offensive Security

January 24, 2022 By Kevin Randall

As a penetration tester, learning how to use a CLI (Command Line Interface) is a necessary skill as there are many times where an interactive interface such as Remote Desktop won’t be available. Starting with a standard command prompt for Windows (cmd.exe) is a great start. However, there are more advanced and feature rich CLI interfaces. Two of which are WMI (Windows ... READ MORE

The State of Ransomware

July 8, 2021 By AJ Hammond

Ransomware as a concept isn’t exactly bleeding edge. For years, cybercriminals have been using ransomware along with a variety of different attack vectors to compromise companies both big and small around the globe.   What is new, however, is the recent uptick in the quantity and frequency of ransomware-based attacks. According to Verizon's 2021 Data Breach Investigations ... READ MORE

Colonial Pipeline Ransomware

May 12, 2021 By Ken Smith

Ransomware attacks are no longer simply a malware infection. Today’s ransomware threat actor groups are comprised of skilled hackers who are well-versed in infiltrating their victims’ networks. Once inside the target network, these attackers perform reconnaissance to identify critical accounts, systems and even sensitive data stored within the network. Since the mid-2010s, we ... READ MORE

Cisco Smart Install for Penetration Testing

February 25, 2021 By Kevin Randall

recon-bg

Cisco Systems Inc. developed a widely used protocol to perform zero touch deployment of new infrastructure. This can include devices such as switches and routers and many other devices running Cisco IOS. This technology is called Smart Install. Smart Install runs on TCP port 4786 and requires no authentication to connect to the remote service. This protocol is very useful for ... READ MORE

Building a Vulnerable Box: RemoteMouse

January 29, 2021 By Ken Smith

At the start of every year, I review my lab repository of intentionally vulnerable machines and do my best to add new ones to the list. I recently came across a particularly interesting flaw, from a teaching perspective, and thought it would be worth capturing. RemoteMouse is Windows/Linux/Mac compatible software that can be used in conjunction with a mobile app to turn your ... READ MORE

FireEye Intrusion – Red Team Tools Stolen

December 11, 2020 By RSM Author

There is a saying in the security community that it is not if an organization will suffer a cybersecurity event but when. Current events prove that this statement stands true even for sophisticated security firms such as FireEye. We are closely monitoring the situation and wanted to share our perspective at this point. I share the opinion of at least a few of my peers who ... READ MORE

Vulnerability scanning your Android apps

November 30, 2020 By RSM Author

A lesser known feature of the Mobile Secuirty Framework scanner MobSF from 'https://opensecurity.in/' is its ability to quickly scan a folder of APK files. This isn't normally something most users would need if they were only targeting a single app but if you're trying to assess the security of a device you might find it necessary to look at every piece of software, from the ... READ MORE

  • Page 1
  • Page 2
  • Page 3
  • Interim pages omitted …
  • Page 9
  • Go to Next Page »

Primary Sidebar

Categories

  • Defense
  • Forensics
  • Offense
  • Physical
  • R&D

Most Viewed Posts

  • DLL Injection Part 1: SetWindowsHookEx 11k views

  • Sophos UTM Home Edition – 3 – The Setup 10.9k views

  • Leveraging MS16-032 with PowerShell Empire 10.1k views

  • Bypassing Gmail’s Malicious Macro Signatures 9.9k views

  • How to Bypass SEP with Admin Access 9k views

Footer

  • Facebook
  • LinkedIn
  • Twitter
  • Tools
  • About
  • RSM US LLP

(312) 634-3400

30 S. Wacker Drive Suite 3300
Chicago, IL 60606

Copyright © 2025 RSM US LLP. All rights reserved. RSM US LLP is a limited liability partnership and the U.S. member firm of RSM International, a global network of independent audit, tax and consulting firms. The member firms of RSM International collaborate to provide services to global clients, but are separate and distinct legal entities that cannot obligate each other. Each member firm is responsible only for its own acts and omissions, and not those of any other party. Visit for more information regarding RSM US LLP and RSM International.