The Citrix NetScaler remote code execution vulnerability (CVE-2019-19781) has been a pretty popular topic over the last few weeks. Once public exploits of the vulnerability started to appear in the wild, TrustedSec deployed a Citrix NetScaler honeypot. We did not have to wait long for the attacks to begin. Less than 24 hours after deployment, the honeypot wa

With the recent Citrix ADC (NetScaler) CVE-2019-19781 Remote Code Execution vulnerability, the TrustedSec Incident Response team has been working closely with our offensive and research teams as they created a working exploit. This has allowed us to create a list of locations and indicators to search for on potentially compromised Citrix ADC hosts. Based

On December 17, 2019, Citrix released a critical advisory that allows for remote code execution. Advisories like these come out often for organizations, and critical exposures are nothing new for any company. However, when digging into the remediation step details, this advisory gave a substantial amount of information on the exploit itself. What makes this

The request-to-exit (REX) passive infrared (PIR) sensor. You know the one. Spray canned air or smoke in its face, it becomes disoriented and unlocks the door. Spit a mist of alcohol in its face, it gets a buzz and unlocks the door. The butt of many “jokes” for how easily it provides unauthorized entry, but is this just victim shaming? Courtesy

There is an old rule that if you find yourself doing anything more than twice, you should automate it. For developers, this may be software builds or the environments into which they will be deployed; for penetration testers, it may be the need to create a phishing host or a lab environment for testing. In any case, the goal is reliability and repeatability

Recently, I was prepping for a session and wanted to show the old hack where you boot into a Windows setup using a USB stick and change out the utilman.exe with cmd.exe. Utilman.exe is the binary behind this icon here on the logon screen: Figure 1 – Icon for Utilman.exe First, follow these instructions to get a USB stick with the Windows inst

Microsoft JScript and VBScript are two languages that can be used for initial code execution on a new target. This may be done through the use of a phishing payload that leverages .hta files or through the use of trusted binaries to execute a payload on a new target. The use of .hta files specifically is a known attack vector, well documented in places such

In this post, I am going to go over how to find the specific Anti-Virus signature using manual testing and then show techniques that can be used to bypass them. I am a big fan of LOLBins so we are going to focus on the binary Regsvr32, which is a known binary that can be used to execute code from an external SCT file. This was first discovered back in 2016 b

IntroductionThe goal of a Red Team assessment is for the Red Team to find as many vulnerabilities as possible within the customer’s current security setup. In general, this is accomplished by a lot of lateral thinking, trying different types of attacks and considering how certain defenses can be bypassed. However, some best practices exist for ensuring

Best open-source Red Team toolsOne of the best features of the cybersecurity community is the vast number of free and open-source tools that are available. Many very smart and skilled hackers have developed tools for a variety of purposes and made them available to the community.As a result, there are tons of options for open-source tools for Red Teami

Penetration testing is often conducted by security researchers to help organizations identify holes in their security and fix them, before cybercriminals have the chance. While there’s no malicious intent for the researcher, part of his job is to think and act like a cybercriminal would when hacking, or attempting to breach, an enterprise network. T

The need for Penetration TestingEvery organization should have a security policy designed to fit its needs based on risks, threats, regulations and the value of the information it wants to protect. Part of such a security policy should encompass vulnerability management and testing. More substantial and more security minded businesses often also perfor

Web application penetration testing is one of the most critical components of your information security program. The exploitation of a web-related vulnerability could result in a massive breach, so web security must be front and center in any organization. However, I often see people sweep web security under the rug and fail to follow through on their find

Given the increasing volume of connected devices throughout society, Internet of Things (IoT) security should be a key consideration for businesses and consumers alike. Embedded in everything from our homes and cars to commercial and industrial manufacturing, IoT solutions are already providing significant benefits. As a result, IDC expects organizations to

Hi Readers, This article is about Burp Suite Macros which helps us in automating efforts of manual input payload fuzzing. While it may be know to many testers, this article is written for those who are yet to harness the power of burp suite’s macro automation. In my penetration testing career so far, while performing fuzzing of parameters and page fiel