
Cybersecurity Insights

Zacharias Pigadas

Recent Posts

Zacharias Pigadas

Reflections on the recent SolarWinds breach

17/12/20 14:59

So… 2020 is turning out to be the gift that keeps on giving. So much has happened within the last year both in InfoSec, and more importantly, in non-InfoSec, that we are pretty sure we will all be glad when 2021 comes along. With unexpected events coming our way in almost every single month of 2020, December has not failed to deliver.

Zacharias Pigadas

Using DNS as an out-of-band command output retrieval channel

04/06/20 10:02

Setting the scene

A fair amount of the work we do in the Foregenix Penetration Testing team is, in one way or another, a flavour of web application penetration testing. In these assessments we come across command execution vulnerabilities that belong in one of two different categories:

Zacharias Pigadas

Red Teaming: Command and Control protocols

07/04/20 10:00

Red teaming, in an information security context, is an adversarial offensive activity against an organisation's assets, whether infrastructure, applications or people. Red teaming is a specialised penetration testing service offering wherein the attacker assumes the role of an advanced threat actor and attempts to compromise agreed-upon components inside the target. The threat actors use Tactics, Techniques and Procedures (TTPs) in their compromise campaigns. It is designed to be stealthier than a typical penetration test and to test the defences of a network against a persistent attacker. It is also goal driven, to provide focus and guide the test towards what the targeted organisation sees as its most valuable assets rather than the common misconception of "get domain admin". Mitre's ATT&CK framework provides a comprehensive breakdown of all the different tactics in a red teaming engagement and an outline of all the different techniques inside each tactic.

Zacharias Pigadas

Kick-starting your internal Purple Team program on a budget

30/01/20 12:00

We have talked about purple teaming at great length in a previous post, "Purple Teaming, here's what you need to know". Essentially, purple teaming is the execution of the Tactics, Techniques and Procedures (TTPs) of a threat actor on monitored systems, with the objective of identifying and bridging gaps in detection capabilities. We had a few comments on that blog post that such an activity seems daunting and requires an initial investment in both people and hardware resources.

Zacharias Pigadas

Purple Teaming, here's what you need to know.

27/04/18 10:11

Information security is infatuated with colours. It started with the blue boxing that allowed anyone to make free calls, then moved to black hats, white hats and grey hats (to denote attackers), then off to black box, grey box and white box testing to define the type of testing. The latest trend in colours references red teaming, blue teaming and purple teaming. We will deal with the last one in the remainder of this blog.
