Indicators of Poor Assessment Work

Posted by Jake Reynolds on October 08, 2022

In the 11+ years Depth has been in business, we've had the opportunity to see some less-than-stellar work as far as assessment services go. Our clients often send us assessment reports they've received from other security firms. Sometimes they want us to check remediation status on a single item. Other times they aren't sure whether a given vulnerability is...

Spray 365: A New Twist on Office 365 Password Spraying

Posted by Mark Hedrick on December 10, 2021

TL;DR: The current state of password spraying Office 365 accounts could benefit from new approaches to bypassing Azure AD conditional access policies and other techniques that make it difficult to detect password spraying techniques. Built with Python 3 using Microsoft's Authentication Library (MSAL), Spray365 makes password spraying more effective by identifying insecure conditional access policies and allows for randomized password spraying...

Classic API Unhooking to Bypass EDR Solutions

Posted by Brendan Ortiz on November 29, 2021

Intro: This blog post covers the classic technique used to unhook Windows APIs from EDR solutions. API hooking is a technique used by anti-virus and EDR solutions to monitor process and code behavior in real time. Commonly, EDR solutions will hook Windows APIs in NTDLL.dll because the APIs in the NTDLL.dll...
