Cybersecurity Insights

Zacharias Pigadas

Red Teaming: Command and Control protocols

07/04/20 10:00

Red teaming, in an information security context, is an adversarial-based offensive activity against an organisation's assets, whether this is infrastructure, applications or people. Red teaming is a specialised penetration testing service offering wherein the attacker assumes the role of an advanced threat actor and attempts to compromise agreed-upon components inside the target. The threat actors use Tactics, Techniques and Procedures (TTPs) in their compromise campaigns. It is designed to be stealthier than a typical penetration test and to test the defences of a network against a persistent attacker. It is also goal driven, to provide focus and guide the test towards what the targeted organisation sees as its most valuable assets rather than the common misconception of "get domain admin". MITRE's ATT&CK framework provides a comprehensive breakdown of all the different tactics in a red teaming engagement and an outline of all the different techniques inside each tactic.

Christodoulos Lamprinos

A first look at today’s Command and Control frameworks

01/04/20 10:00

In InfoSec history books, 2019 should be called ‘The year of the Post-Exploitation Command and Control Frameworks’ with major projects falling in that category being developed and made public, such as:

Zacharias Pigadas

Kick-starting your internal Purple Team program on a budget

30/01/20 12:00

We have talked about purple teaming at great length in a previous post, "Purple Teaming, here's what you need to know". Essentially, purple teaming is the execution of the Tactics, Techniques and Procedures (TTPs) of a threat actor on monitored systems with the objective of identifying and bridging gaps in detection capabilities. We had a few comments on that blog post that such an activity seems daunting and requires an initial investment in both people and hardware resources.

David Kirkpatrick

Testing Problematic Authorisation Tokens With Burp

05/10/18 15:36

Every so often a web application comes along where a bit of customization is required in your testing strategy to test it properly. The Burp Suite proxy tool is probably one of the most used tools by penetration testers to test web applications. When a situation comes along where its normal customization menu options aren't sufficient (e.g. using Burp Macros), we can include a custom-written Burp Extension to do what we want.

Ray Simpson

Getting to Grips With the Australian Notifiable Data Breaches Scheme

19/06/18 13:48

In light of the Notifiable Data Breaches (NDB) scheme which came into effect in Australia on 22nd February 2018, Foregenix has launched three service packages designed to help Australian businesses identify and minimize the risk of being subject to NDB reporting regulations and fines.
