JUMPSEC LABS

The JUMPSEC Lab is a place where the technical team get creative and showcase their latest security research, publications, interesting news and general thoughts!  We love what we do and are passionate about security, with some great upcoming projects planned, bookmark our site and stick around to see what we are working on.

BCP, as easy as ABC?

A Business Continuity Plan (BCP) is a strategic playbook created to help an organisation maintain or quickly resume business functions in the face of disruption. (Pratt, Tittel, Lindros, 2023) Be honest now. Who really has a truly effective Business Continuity Plan in 2024? Not the compliance-driven plan that has not been reviewed or tested properly for years. Or the “oh no, this supplier questionnaire is asking for a BCP… quick, write one” plan that won’t be much help in reality. Who has an effective plan that will be genuinely useful to their organisation in a time of crisis? Not many organisations do and it’s understandable. We are not aiming to criticise anybody's hard work here. We get it. To put it mildly, the sheer amount of items on any organisation's to-do list combined with budget and resource constraints often lead to things like Business Continuity Planning being...

read more

Active Cyber Defence – Taking back control

Every good cybersecurity article needs a Sun Tzu quote, here is one lesser known quote from Sun Tzu to start us off.   What Happened? Recently, JUMPSEC’s Detection and Response Team (DART) caught a Red Team  inside one of our MxDR clients' networks using a honeypot server. The honeypot server was set up using Thinkst Applied Research’s project called OpenCanary. This open-source project...

read more

NTLM Relaying – Making the Old New Again

I am old enough to remember that it was not always possible to get domain admin within the first hour of a test via Active Directory Certificate Services (ADCS) misconfigurations or over permissioned SCCM NAA accounts. At present we are spoilt for choice in regards to privilege escalation vectors within the on-premise AD environment's, but I wanted to take a look at some of the other...

read more

Building Forensic Expertise: A Two-Part Guide to Investigating a Malicious USB Device (Part 2)

In this part 2, we'll walk you through the step-by-step process of setting up and conducting a Digital Forensics and Incident Response (DFIR) investigation using a virtual machine (VM). We’ll cover everything from configuring the VM to ensure it’s completely isolated to tackling the challenges of USB passthrough with a write blocker. You'll also learn about the risks of using public threat...

read more

Building Forensic Expertise: A Two-Part Guide to Investigating a Malicious USB Device (Part 1)

JUMPSEC believes heavily in learning and developing through real world experience. The incident described in this blog post presented a fantastic opportunity for 3 junior team members to learn first hand how to conduct, report and respond to an incident investigation. This blog post is split into two parts: Part I focuses on the prerequisites and preparation work done before kicking off the...

read more

Adversary at the Door – Initial Access and what’s currently on the menu

Based on the data from the Cyber Security Breaches Survey 2024, phishing with malicious links or malware remains the most common initial access vector, followed by impersonation. The challenge with impersonation attacks is that current technology often struggles to accurately determine the purpose of a website. Although checks on domain maturity, reputation, categorization, and certificates are...

read more

SSH Tunnelling to Punch Through Corporate Firewalls – Updated take on one of the oldest LOLBINs

In my formative days of learning network hacking, SSH tunnelling was amongst the first tunnelling techniques that I learnt. I still remember trying to repeatedly decode my notes and diagrams on the rather cumbersome syntax of single port forwarding with the -L and -R flags, which at the time was taught as “the way to do it”. If your foothold is (luckily) a Linux server, then you’re blessed with...

read more

How to Handle Development Projects in a Pentest Company

If you are a pentester you probably never really think about programming. Instead you are testing what others have developed. However, every now and then a quick python or bash script is needed to exploit some stuff you have found, or automate a certain process you are using.  Things become interesting when you are in a penetration testing company that has many strong penetration testers and...

read more

How Cloud Migration is Affecting AppSec – A Red Teamer’s Perspective

Introduction I’ve recently spoken at several conferences about the changes that are underway within red teaming as a result of cloud migration. My team and I have been delivering majority cloud red team work over the last year and the differences are becoming more apparent by the day. One point I’ve mentioned as ‘controversial’ at several of these events is that cloud migration has actually made...

read more

GitHub Activity

 

Twitter

Disclaimer

The information provided on this website is to be used for educational purposes only. The author is in no way responsible for any misuse of the information provided. Any actions and or activities related to the material contained within this website is solely your responsibility.