TLPT (Threat-Led Penetration Testing): Objective and Methodology
In a context where cyberattacks are becoming more sophisticated, targeted and persistent, traditional security approaches are reaching their limits. I...
24.02 Applications

Ransack Query Injection: Analysis and Exploitation of an ORM Vulnerability
Developers often rely on libraries to manage communications with databases. This saves them from having to write raw queries. These libraries generall...
03.02 Applications

What is Pass-the-Hash? Attacks Types and Security Best Practices
During our internal penetration tests, we regularly compromise Active Directory without using any passwords. This is possible thanks to an iconic atta...
16.01 Infra & Network

Social Engineering and Red Teaming: Understanding Threats and Defence Strategies
Social engineering, especially phishing in all its forms (emails, text messages, phone calls, QR codes, etc.), remains one of the main attack vectors....
07.01 Phishing & Social Engineering

Active Directory Monitoring: LDAP Log Analysis and ELK Rules
Active Directory (AD) is a directory service developed by Microsoft. It is used by most companies to manage identities, user accounts, machines, secur...
13.10 Infra & Network

AD CS Security: Understanding and Exploiting ESC Techniques
After presenting the operating principles of Active Directory Certificate Services (AD CS) in a previous article, it is now time to address a more off...
25.09 Infra & Network

Host Header Attacks, Exploitations and Security Tips
According to the RFC 2616 standard, the ‘Host’ header is mandatory in an HTTP request. It indicates the host and, if applicable, the port of the reque...
22.09 Applications

GCP Penetration Testing: Methodology and Use Cases
Pentesting a GCP (Google Cloud Platform) infrastructure and the web applications deployed on it is a key step in identifying vulnerabilities and stren...
11.09 Cloud

What is CRLF Injection? Exploitations and Security Tips
A simple line break seems harmless when thinking about a web application. However, if poorly managed, it can open the door to serious attacks. This is...
10.09 Applications

Black Box Exploitation of a Deserialisation Vulnerability
Deserialisation vulnerabilities are often difficult to exploit. In most cases, you need access to the source code to identify the available classes or...
03.07 Applications

Understanding Active Directory Certificate Services (AD CS)
As part of our internal penetration tests, we regularly encounter AD CS (Active Directory Certificate Services) infrastructures deployed on corporate ...
19.06 Infra & Network