Determining Risk Less Badly

“Risk is a factor in decisions, as well as costs, interests, and even our ability to frame decisions around a risk.” - Ryan McGeehan The sole reason for ranking risk is so that decisions makers can use it as a factor for making some decision. If that risk ranking is...
Read More

ForeScout Secure Connector Local Privilege Escalation

Application: ForeScout CounterACT Secure Connector Operating System tested on: Windows 10 1809 (x64) Vulnerability: ForeScout CounterACT SecureConnector Local Privilege Escalation through Insecure Folder Permissions Overview: This vulnerability exists due to the permissions set on the logs directory used by the ForeScout SecureConnector application. Every several seconds, a new log entry...
Read More

ServiceNow - HelpTheHelpDesk And The Hackers

tldr; ServiceNow had a feature that exposed credentials to hundreds (if not thousands) of their customers ServiceNow instances. These credentials varied from limited permissions, to full administrative access to the ServiceNow instance. The vulnerability was patched on October 8th, 2020. ServiceNow has a feature, that when configured, allows ServiceNow customers...
Read More

Measuring Your Red Team

How do you measure your Red Team? One of the primary differences between a Red Team and a Penetration Testing team is the primary stakeholder. With a Red Team, the primary stakeholders are those responsible for your detection and response capabilities. That being said, a side effect of Red Team...
Read More

Serverless Authentication FTW

Many applications you find on GitHub that can be used for one off tasks, or for simple automation don’t have built in authentication. Typically, I just run it on localhost and port forward, or just run the application locally. This can be a pain and doesn’t scale very well. With...
Read More

Synthesis Of Vectors

If you are only as strong as your weakest link, don’t let that weak link be your detection and response capabilities.. There will always be multiple gaps in each layer of your defense in depth model. Make sure finding those gaps takes longer than your detection and response times. Visualizing...
Read More