Stay up to date on the latest tech trends, IT news, and cybersecurity threats with our educational blog.

shellntel

Circle City Con: 2015 CTF Writeup

The shellntel team attended Circle City Con this year and participated in their second annual Capture The Flag tournament.  While there was many great things at the conference, this event held our attention for its majority as we spent the majority of our time solving the puzzles.  In the end, we ended up taking second […]

Learn More
Qualys Scanner API In Powershell Including External Ticket Creation

So you would like to automate your vulnerability management lifecycle?  Good luck.  But if you are motivated hopefully this little bit of powershell will help.  Here are the prereqs: - Must have powershell v3 - Must use Qualys for vulnerability scanning.  - For added functionality an additional cmdlet has been included to generate tickets with an […]

Learn More
Validating the Effectiveness of Your Controls

About six years ago, social engineering penetration tests became the norm for the A-Team.  In many of these tests, our team would attempt as many as 10-20 unique exploits against various applications and operating system functions.  This often included exploits against Flash, Java, Adobe Reader, MS Office and IE.  While one or two exploit attempts […]

Learn More
Dragon: A Windows, non-binding, passive download / exec backdoor

In my many years of participating in CCDC, I keep running into the same problem.  If you've red teamed for one of these events, I'm sure you've probably encountered similar issues.  You've gotten a shell on a system, you've even installed a backdoor either through a bind listener, or through a reverse connection that calls back periodically. However, savvy […]

Learn More
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram