Blog

Selecting a Penetration Testing Provider – PART 1

Posted by Jake Reynolds on October 05, 2021Link 

Recently, I received a call from a long-time friend of mine with who I had never had the opportunity to work professionally. His company was launching a new online store, and after hearing his plans, we conducted an application penetration test to ensure it was secure for launch. This was the last person I thought I would have career intersectionality...Continue reading 

Bypassing App Locker & CLM While Evading EDR

Posted by Brendan Ortiz on September 29, 2021Link 

Applocker Image

Introduction The  last blog post I wrote got way more recognition than I expected and because of that, I was inspired to continue writing and sharing my experiences/research. This blog will be about the short journey I took to hone bypasses relating to Constrained Language Mode in PowerShell and AppLocker Policies. My goal was to create payloads that...Continue reading 

Obfuscating Malicious, Macro-Enabled Word Docs

Posted by Brendan Ortiz on September 13, 2021Link 

Evil Clippy 1200X934

Overview I was working on my OSEP certification when I was inspired to stop studying for a bit to deep-dive into malicious word documents. The OSEP certification inspired a lot of the content you'll see here and gave me a base to work up from. If you're looking for your next cyber security knowledge binge, I'd highly recommend the OSEP....Continue reading 

Have Questions?
Get Answers