Vulnerability scanners using password-based auth can leak credentials and enable lateral movement. Learn risks, attack techniques, and hardening steps.| Praetorian
Gain complete visibility into your expanding attack surface management through continuous discovery, identification, and monitoring.| Praetorian
Overview At Black Hat and DEF CON, we demonstrated how red teams could tunnel traffic through everyday collaboration platforms like Zoom and Microsoft Teams, effectively transforming them into covert communication channels for command-and-control. That research highlighted a critical blind spot: defenders rarely block traffic to core business services because doing so would disrupt legitimate operations. […] The post Domain Fronting is Dead. Long Live Domain Fronting! appeared first on Prae...| Praetorian
Annual pen tests are snapshots of the past. Continuous offensive security with Chariot shows what’s exploitable today, and helps you stay ahead.| Praetorian
Overview The Praetorian Labs team recently conducted research into potential initial access vectors for red team engagements, focusing on attack techniques leveraging malicious applications distributed through platforms like the Microsoft Store. This included OAuth applications, malicious Outlook extensions, and other types of applications that could be delivered via the Windows Store. As part of this […] The post OAuthSeeker: Leveraging OAuth Phishing for Initial Access and Lateral Movemen...| Praetorian
In part one, we discussed the architecture of web conferencing applications, with a specific focus on Zoom’s architecture to support web conferencing at a massive global scale. Part two will discuss the approach we developed to support tunneling traffic through Zoom and Microsoft Teams using the TURN protocol. Let’s start with a quick recap of […] The post Ghost Calls: Abusing Web Conferencing for Covert Command & Control (Part 2 of 2) appeared first on Praetorian.| Praetorian
In the middle of a particularly tight red team engagement, we hit a familiar wall. Our long-term implant was rock solid—quiet, persistent, and thoroughly under the radar. But when it came time to pivot into something more interactive—proxy traffic, tunnel HVNC, relay NTLM—we started running into limits. The channel that worked so well for low-and-slow […]| Praetorian
Network penetration testing identify and mitigate vulnerabilities in network infrastructure, Active Directory, cloud environments, and IoT| Praetorian
In penetration testing and red teaming, success often lies in uncovering hidden paths of least resistance. While sophisticated exploits and zero-days frequently capture headlines, highly effective attack opportunities often hide in plain sight – like within internal logging and monitoring platforms. At Praetorian, we’ve observed first-hand the value of targeting internal logging and monitoring platforms […]| Praetorian
Overview In an effort to safeguard our customers, we perform proactive vulnerability research with the goal of identifying zero-day vulnerabilities that are likely to impact the security of leading organizations. Recently, we decided to take a look at Qlik Sense Enterprise, a data analytics solution similar to Tableau. The recent exploitation of vulnerabilities in the […]| Praetorian
Overview On August 29th, 2023, Qlik issued a patch for two vulnerabilities we identified in Qlik Sense Enterprise, CVE-2023-41265 and CVE-2023-41266. These vulnerabilities allowed for unauthenticated remote code execution via path traversal and HTTP request tunneling. As part of our standard operating procedure, we performed a diff of the issued patch to identify potential bypasses […]| Praetorian
Our Red Team has explored and exploited vulnerabilities in the CI/CD space over the last several years, resulting in numerous successful offensive operations, open-source tool development, and presentations at Black Hat, DEF CON, and Schmoocon. With organizations increasingly relying on automated deployment pipelines, securing CI/CD infrastructure has become more critical than ever — yet many […] The post CI/CD Training from the Front Lines: Offensive Security at Black Hat appeared first ...| Praetorian
Introducing GitPhish: An open-source tool for automating GitHub Device Code phishing attacks with dynamic code generation and professional landing pages for red teams.| Praetorian
Systematically identify, evaluate, and addressing security vulnerabilities across your digital infrastructure.| Praetorian
Chariot monitors emerging threats, including detailed analysis of new vulnerabilities, exploits, and attack vectors from a variety of trusted sources.| Praetorian
Continuous Penetration Teaming A proactive approach to testing your security posture through ongoing real-world attack simulations. Proactive Security to Uncover Your Organizations Material Risk Our continuous red teaming service provides actionable intelligence insights derived by emulating real-world attack scenarios on your systems and infrastructure. The knowledge gained through these insights empowers your organization to: Prioritize […]| Praetorian
Breach and attack simulation services for real-world attack scenarios to test the effectiveness of security controls and identify weaknesses.| Praetorian
Gain complete visibility into your expanding attack surface management through continuous discovery, identification, and monitoring.| Praetorian
Attack path mapping navigate the complexities of your network security with precision, ensure vulnerabilities are identified and neutralized| Praetorian
Connect with a Security Expert See how Praetorian prevent breaches by emulating attackers. Proactively identify and address exploitable vulnerabilities in your organization with our comprehensive suite of cybersecurity solutions. Or Email us: info@praetorian.com Check Out Our Platform Overview How Can We Reach You? Please provide your contact information Trusted by the World’s Most Iconic Brands| Praetorian
What if all it took to compromise a GitHub organization–and thus, the organization’s supply chain–was an eight-digit code and a phone call? Introducing: GitHub Device Code Phishing. While security teams have been battling Azure Active Directory device code phishing attacks for years, threat actors have overlooked GitHub’s OAuth2 device flow as an attack vector. At […] The post Introducing: GitHub Device Code Phishing appeared first on Praetorian.| Praetorian
Chariot takes holistic approach to Continuous Threat Exposure Management combining people, process, and technology with proprietary platform| Praetorian
An exposed GitHub token could have been used to launch a supply chain attack on GitHub CodeQL, resulting in source code exposure and repository tampering of CodeQL users.| Praetorian