Overview: The Praetorian Labs team recently conducted research into potential initial access vectors for red team engagements, focusing on attack techniques leveraging malicious applications distributed through platforms like the Microsoft Store. This included OAuth applications, malicious Outlook extensions, and other types of applications that could be delivered via the Windows Store. As part of this […] The post OAuthSeeker: Leveraging OAuth Phishing for Initial Access and Lateral Movemen...| Praetorian
In part one, we discussed the architecture of web conferencing applications, with a specific focus on Zoom’s architecture to support web conferencing at a massive global scale. Part two will discuss the approach we developed to support tunneling traffic through Zoom and Microsoft Teams using the TURN protocol. Let’s start with a quick recap of […] The post Ghost Calls: Abusing Web Conferencing for Covert Command & Control (Part 2 of 2) appeared first on Praetorian.
In the middle of a particularly tight red team engagement, we hit a familiar wall. Our long-term implant was rock solid—quiet, persistent, and thoroughly under the radar. But when it came time to pivot into something more interactive—proxy traffic, tunnel HVNC, relay NTLM—we started running into limits. The channel that worked so well for low-and-slow […]
Network penetration testing identifies and mitigates vulnerabilities in network infrastructure, Active Directory, cloud environments, and IoT.
In penetration testing and red teaming, success often lies in uncovering hidden paths of least resistance. While sophisticated exploits and zero-days frequently capture headlines, highly effective attack opportunities often hide in plain sight – like within internal logging and monitoring platforms. At Praetorian, we’ve observed first-hand the value of targeting internal logging and monitoring platforms […]
Overview: In an effort to safeguard our customers, we perform proactive vulnerability research with the goal of identifying zero-day vulnerabilities that are likely to impact the security of leading organizations. Recently, we decided to take a look at Qlik Sense Enterprise, a data analytics solution similar to Tableau. The recent exploitation of vulnerabilities in the […]
Overview: On August 29th, 2023, Qlik issued a patch for two vulnerabilities we identified in Qlik Sense Enterprise, CVE-2023-41265 and CVE-2023-41266. These vulnerabilities allowed for unauthenticated remote code execution via path traversal and HTTP request tunneling. As part of our standard operating procedure, we performed a diff of the issued patch to identify potential bypasses […]
Our Red Team has explored and exploited vulnerabilities in the CI/CD space over the last several years, resulting in numerous successful offensive operations, open-source tool development, and presentations at Black Hat, DEF CON, and ShmooCon. With organizations increasingly relying on automated deployment pipelines, securing CI/CD infrastructure has become more critical than ever — yet many […] The post CI/CD Training from the Front Lines: Offensive Security at Black Hat appeared first ...
Introducing GitPhish: An open-source tool for automating GitHub Device Code phishing attacks with dynamic code generation and professional landing pages for red teams.
Systematically identify, evaluate, and address security vulnerabilities across your digital infrastructure.
Chariot monitors emerging threats, including detailed analysis of new vulnerabilities, exploits, and attack vectors from a variety of trusted sources.
Continuous Penetration Teaming: A proactive approach to testing your security posture through ongoing real-world attack simulations. Proactive Security to Uncover Your Organization’s Material Risk: Our continuous red teaming service provides actionable intelligence insights derived by emulating real-world attack scenarios on your systems and infrastructure. The knowledge gained through these insights empowers your organization to: Prioritize […]
Breach and attack simulation services for real-world attack scenarios to test the effectiveness of security controls and identify weaknesses.
Gain complete visibility into your expanding attack surface through continuous discovery, identification, and monitoring.
Attack path mapping navigates the complexities of your network security with precision, ensuring vulnerabilities are identified and neutralized.
Cybersecurity leader providing attack surface and vulnerability management, breach & attack simulation, red teaming, and threat intelligence.
Red team that simulates real-world attacks to uncover vulnerabilities across people, processes, and technology, including detection and response.
IoT penetration testing that assesses everything from backend systems and business processes to hardware and mobile devices, identifying vulnerabilities.
Connect with a Security Expert: See how Praetorian prevents breaches by emulating attackers. Proactively identify and address exploitable vulnerabilities in your organization with our comprehensive suite of cybersecurity solutions. Or email us: info@praetorian.com
What if all it took to compromise a GitHub organization–and thus, the organization’s supply chain–was an eight-digit code and a phone call? Introducing: GitHub Device Code Phishing. While security teams have been battling Azure Active Directory device code phishing attacks for years, threat actors have overlooked GitHub’s OAuth2 device flow as an attack vector. At […] The post Introducing: GitHub Device Code Phishing appeared first on Praetorian.
Learn how Praetorian's IoT team successfully hacked a vape using makeshift tools at a conference bar, dumping firmware via Serial Wire Debug and extracting custom images from the device.
Two CI/CD vulnerabilities in the nodejs/node GitHub repository exposed Node.js to remote code execution on Jenkins agents and the potential to merge unreviewed code to the main branch of the repository.
Learn about ELFDICOM, a Linux malware hidden in DICOM medical images. Learn how Praetorian's polyglot exploit threatens healthcare security via CVE-2019-11687.
Chariot takes a holistic approach to Continuous Threat Exposure Management, combining people, process, and technology with a proprietary platform.
An exposed GitHub token could have been used to launch a supply chain attack on GitHub CodeQL, resulting in source code exposure and repository tampering of CodeQL users.