Blog – Red Siege Information Security

by Jason Downey The Vendor Requirement The final entry in The Aftermath blog series. At this point, I had successfully social engineered credentials, bypassed multifactor authentication, and established command and […]

by Jason Downey The Simple Stuff By now, I had social engineered credentials, bypassed MFA, and gained access to a VDI environment. In this entry, we’ll discuss how I successfully […]

by Jason Downey The Condition In the first entry, I was able to social engineer a set of domain credentials. In this entry, we’ll discuss how I gained access to […]

by Jason Downey Welcome to The Aftermath Blog Series Instead of a standard technical blog series diving deep into specific tools and commands to pop some kind of leet exploit, […]

by Stuart Rorer, Security Consultant Uncovering Technical Artifacts One of my favorite childhood memories was going with my sister to look for artifacts after a solid rain. We lived near […]

by Douglas Berdeaux, Senior Security Consultant I have a question for web application penetration testers: How do you provide remediation advice to clients for user input handling flaws in their […]

Continuous penetration testing is a proactive approach that involves ongoing automated and manual security testing to identify vulnerabilities in a much shorter timeline. Unlike annual or quarterly penetration tests, this […]

The Red Siege train is heading to Denver, Colorado, for the first-ever Wild West Hackin’ Fest @ Mile High from February 5-7, 2025! If you’re a cybersecurity professional who loves […]

Ever wondered if your organization is truly secure or if your teams are just crossing items off a checklist? A Security Posture Review (SPR) is a solid way to answer […]

The Security Posture Review (SPR) is the newest addition to our suite of security offerings at Red Siege. We’ve combined our collective experiences in red team, blue team, and security […]

At Red Siege, we’ve earned our reputation as a leader in offensive security by delivering expert-driven solutions that prioritize what matters most to CISOs and cybersecurity professionals. From penetration testing […]

By Stuart Rorer, Security Consultant Conflicts of Time “Time is of the essence”, an idiom of immense truth. Being one of our most valuable commodities, it often feels as if […]

In the most recent SiegeCast, Corey Overstreet, Senior Security Consultant at Red Siege, took cybersecurity professionals on a deep dive into modern malware techniques. With the landscape of malware evolving […]

This is for the Vishing CTF Challenge at Wild West Hackin Fest 2024. Please visit our booth to get the starting phone number. In this vishing CTF challenge, your mission […]

As proud sponsors of Wild West Hackin’ Fest, Red Siege is excited to return to Deadwood for another year of cutting-edge training, engaging talks, and unique experiences. The event is […]

by Mike Saunders, Principal Consultant     This blog is the fourteenth in a series of blogs on obfuscation techniques for hiding shellcode. You can find the rest of the […]

by Mike Saunders, Principal Security Consultant     This blog is the thirteenth in a series of blogs on obfuscation techniques for hiding shellcode. You can find the rest of […]

Collaboration between offensive (Red Team) and defensive (Blue Team) operations is essential to fortify an organization’s defenses. During a recent SiegeCast session, Tim Medin (CEO of Red Siege), Justin Polk […]

by Mike Saunders, Principal Consultant     This blog is the twelfth in a series of blogs on obfuscation techniques for hiding shellcode. You can find the rest of the […]

by Douglas Berdeaux, Senior Security Consultant   As penetration testers, ensuring the security and integrity of our tools and data is paramount. One key aspect of this is creating a […]