Latest LABS post...
Active Cyber Defence - Taking back control
Every good cybersecurity article needs a Sun Tzu quote, here is one lesser known quote from Sun Tzu to start us off.
What Happened?
Recently, JUMPSEC’s Detection and Response Team (DART) caught a Red Team inside one of our MxDR clients’ networks using a honeypot server. The honeypot server was set up using Thinkst Applied Research’s project called OpenCanary. This open-source project from Thinkst emulates different network protocols and when interacted with, creates an alert providing information to the defensive team, such as the source of the request.
Continue readingLatest LABS posts...
Active Cyber Defence - Taking back control
Read more >
NTLM Relaying - Making the Old New Again
Read more >
Building Forensic Expertise: A Two-Part Guide to Investigating a Malicious USB Device (Part 2)
Read more >
Building Forensic Expertise: A Two-Part Guide to Investigating a Malicious USB Device (Part 1)
Read more >
Adversary at the Door - Initial Access and what's currently on the menu
Read more >
SSH Tunnelling to Punch Through Corporate Firewalls - Updated take on one of the oldest LOLBINs
Read more >
Featured Tools
Lure Krafter
A tool designed to build a standalone WASM payload smuggling lure.
Token Smith
TokenSmith generates Entra ID access & refresh tokens on offensive engagements. Built with OpSec in mind it is suitable for both covert adversary simulations, penetration tests or sysadmin tasks. The tokens generated works out of the box with many popular Azure offensive tools.
Ahhzure
AHHHZURE is an automated vulnerable Azure deployment script designed for offensive security practitioners and enthusiasts to brush up their cloud sec skills.
Scan our QR codes!
For more information, visit JUMPSEC.