Adventures in Shellcode Obfuscation! Part 3: Encryption
By Mike Saunders, Principal Security Consultant This blog is the third in a series of blogs on obfuscation techniques for hiding shellcode. You can find the rest of the series […]
Blog – Red Siege Information Security
Phone Switch Labs CTF – Walk-Through
by Douglas Berdeaux, Senior Security Consultant CTF redsiege.com/phoneswitch Getting Started Phone phreaking is the practice of exploring and hacking telephones, telephone switches, telephone test equipment, and physically exploring the telephone […]
Adventures in Shellcode Obfuscation! Part 2: Hail Caesar!
by Mike Saunders, Principal Security Consultant This blog is the second in a series of blogs on obfuscation techniques for hiding shellcode. You can find the rest of the series […]
Adventures in Shellcode Obfuscation! Part 1: Overview
by Mike Saunders, Principal Security Consultant This blog is the first in a series of articles on methods for obfuscating shellcode. I’ll be focusing on how to obfuscate shellcode to […]
Essential Steps for Management to Maximize the Value of a Penetration Test Report
by Tim Medin, CEO Penetration testing is a critical component of a well-rounded cybersecurity strategy. Penetration testing identifies vulnerabilities before malicious actors can exploit them. However, the true value of […]
Fun With JWT X5u
by Senior Security Consultant Douglas Berdeaux On a recent web application penetration test engagement, I came across a JSON Web Token (JWT) that contained an x5u header parameter. I almost […]
Penetration Testing, Red Teaming, and Vulnerability Assessments