OUR LATEST RESEARCH
Flipper Zero Experiments – Sub-GHz
“The quieter you become, the more you are able to hear.” This is the tagline associated with Kali Linux, a Linux distribution used by security researchers, penetration testers, and hackers alike. In the context of [...]
ETWHash – “He who listens, shall receive”
ETWHash is a small C# tool used during Red Team engagements, that can consume ETW SMB events and extract NetNTLMv2 hashes for cracking offline, unlike currently documented methods. GitHub: https://github.com/nettitude/ETWHash Microsoft ETW (Event Tracing for [...]
Creating an IR Nightmare Drop Box
A common objective of physical assessments is placement of a drop box to establish communication out of the network environment. A few years ago, the choices were limited to NUC or a Raspberry PI type [...]
Using LoRa as a Side Channel
This article will focus on using a LoRa to create a side channel using a public LoRa infrastructure. By using a gateway and endpoints defined in a LoRa network service, it is possible to create [...]
I Don’t Need a Badge – Lessons Learned from Physical Social Engineering
A covert entry assessment is a physical security assessment in which penetration testers try to gain access to sensitive or valuable data, equipment, or a certain location on a target site, without being detected. This [...]