MITRE ATT&CK APT 29 evaluation proves Microsoft Threat Protection provides deeper end to end view of advanced threats

As attackers use more advanced techniques, it’s even more important that defenders have visibility not just into each of the domains in their environment, but also across them to piece together coordinated, targeted, and advanced attacks. This level of visibility will allow us to get ahead of...

UPDATE: Infection Monkey 1.7.0

Infection Monkey 1.7.0 was released a while ago. My first post about this tool can be found in a post titled the List of Adversary Emulation Tools. This is a big, exciting release, with a ton of new features and improvements and as always, this post will list down the changes for this version. Wh...

Splunk Attack Range - A Tool That Allows You To Create Vulnerable Instrumented Local Or Cloud Environments To Simulate Attacks Against And Collect The Data Into Splunk

The Attack Range solves two main challenges in development of detections. First, it allows the user to quickly build a small lab infrastructure as close as possible to your production environment. This lab infrastructure contains a Windows Domain Controller, Windows Workstation and Linux server,...

New 4CAN tool helps identify vulnerabilities in on-board car computers

By Alex DeTrano, Jason Royes, and Matthew Valites. Executive summary Modern automobiles contain hundreds of sensors and mechanics that communicate via computers to understand their surrounding environment. Those components provide real-time information to drivers, connect the vehicle to a global...

UPDATE: Infection Monkey 1.6.3

PenTestIT RSS Feed Some days ago, Infection Monkey 1.6.3 was released. The first post about this tool can be found in a post titled the List of Adversary Emulation Tools. This is a small bugfix release, mostly around integration and packaging. It contains two user facing changes as well. What is...

When Time is of the Essence – Testing Controls Against the Latest Threats Faster

A new threat has hit head the headlines Robinhood anyone?, and you need to know if you're protected right now. What do you do? Traditionally, you would have to go with one of the options below. Option 1 – Manually check that IoCs have been updated across your security controls. This would require...

When Time is of the Essence – Testing Controls Against the Latest Threats Faster

A new threat has hit head the headlines Robinhood anyone?, and you need to know if you're protected right now. What do you do? Traditionally, you would have to go with one of the options below. Option 1 – Manually check that IoCs have been updated across your security controls. This would require...

PRYTEK meetup: Breach and Attack Simulation or Automated Pentest?

Last Tuesday, November 27, I spoke at "Business Asks for Cyber Attacks" meetup organized by PRYTEK investment platform. The event was held at the PRYTEK Moscow office in a beautiful XIX century building of a former textile manufactory. The goal of the meetup was to talk about new approaches in...

UPDATE: Infection Monkey 1.6.1

PenTestIT RSS Feed I'm sure you must have read my previous post title the List of Adversary Emulation Tools. In that post, I briefly mentioned about the Guardicore Infection Monkey. Good news now is that it has been updated! We now have Infection Monkey 1.6.1. An important change about this versi...

The Social-Engineer Toolkit v2.0 Released

The Social-Engineer Toolkit v2.0 Released The Social Engineering Toolkit SET is a python-driven suite of custom tools which solely focuses on attacking the human element of penetration testing. It's main purpose is to augment and simulate social-engineering attacks and allow the tester to...

The Social-Engineer Toolkit v1.3.5 Released !

The Social-Engineer Toolkit v1.3.5 Released ! "The Social Engineering Toolkit SET is a python-driven suite of custom tools which solely focuses on attacking the human element of penetration testing. It's main purpose is to augment and simulate social-engineering attacks and allow the tester to...