Adventures in Shellcode Obfuscation! Part 7: Flipping the Script
by Mike Saunders, Principal Security Consultant This blog is the seventh in a series of blogs on obfuscation techniques for hiding shellcode. You can find the rest of the series […]
Blog – Red Siege Information Security
Out of Chaos: Applying Structure to Web Application Penetration Testing
By Stuart Rorer, Security Consultant As a kid, I remember watching shopping contest shows where people, wildly, darted through a store trying to obtain specific objects, or gather as much […]
Adventures in Shellcode Obfuscation! Part 6: Two Array Method
by Mike Saunders, Principal Security Consultant This blog is the sixth in a series of blogs on obfuscation techniques for hiding shellcode. You can find the rest of […]
Advenutures in Shellcode Obfuscation! Part 5: Base64
by Mike Saunders, Principal Consultant This blog is the fifth in a series of blogs on obfuscation techniques for hiding shellcode. You can find the rest of the series here. […]
Adventures in Shellcode Obfuscation! Part 4: RC4 with a Twist
by Mike Saunders, Principal Security Consultant This blog is the fourth in a series of blogs on obfuscation techniques for hiding shellcode. You can find the rest of the series […]
Preparing for a Penetration Test: Insights from Tim Medin, CEO of Red Siege Information Security
As the CEO of Red Siege Information Security, I’ve had the privilege of building an outstanding team of ethical hackers to conduct numerous penetration tests for organizations across many industries. […]
Adventures in Shellcode Obfuscation! Part 3: Encryption
By Mike Saunders, Principal Security Consultant This blog is the third in a series of blogs on obfuscation techniques for hiding shellcode. You can find the rest of the series […]
Phone Switch Labs CTF – Walk-Through
by Douglas Berdeaux, Senior Security Consultant CTF redsiege.com/phoneswitch Getting Started Phone phreaking is the practice of exploring and hacking telephones, telephone switches, telephone test equipment, and physically exploring the telephone […]
Adventures in Shellcode Obfuscation! Part 2: Hail Caesar!
by Mike Saunders, Principal Security Consultant This blog is the second in a series of blogs on obfuscation techniques for hiding shellcode. You can find the rest of the series […]
Adventures in Shellcode Obfuscation! Part 1: Overview
by Mike Saunders, Principal Security Consultant This blog is the first in a series of articles on methods for obfuscating shellcode. I’ll be focusing on how to obfuscate shellcode to […]
Essential Steps for Management to Maximize the Value of a Penetration Test Report
by Tim Medin, CEO Penetration testing is a critical component of a well-rounded cybersecurity strategy. Penetration testing identifies vulnerabilities before malicious actors can exploit them. However, the true value of […]
Fun With JWT X5u
by Senior Security Consultant Douglas Berdeaux On a recent web application penetration test engagement, I came across a JSON Web Token (JWT) that contained an x5u header parameter. I almost […]
Penetration Testing, Red Teaming, and Vulnerability Assessments