Lucene search
K

6 matches found

Pen Test Partners Blog
Pen Test Partners Blog
added 2023/12/05 6:27 a.m.23 views

OSINT. What can you find from a domain or company name

We carry out lots of attack surface assessments, parts of which involve investigating information that has been unintentionally disclosed. To help OPSEC people I thought it might be useful to go over some of the key things that can be found using domain and company names. Domain name So let’s div...

6.9AI score
Exploits0
ThreatPost
ThreatPost
added 2021/09/21 7:22 p.m.50 views

Epik Confirms Hack, Gigabytes of Data on Offer

Epik, the domain registrar known for hosting several large right-wing organizations, has confirmed a hack of its systems, a week after attackers branding themselves part of the Anonymous hacktivist collective said that they had obtained and leaked gigabits of data from the hosting company,...

6.5AI score
Exploits0References14
Pen Test Partners Blog
Pen Test Partners Blog
added 2021/09/02 5:55 a.m.24 views

OpSec. Expanding your search: Hunting domains

In the last few blogs I have introduced OSINT and OpSec, talked about leaky images and using Google Dorks and how to use those techniques specifically to examine your own corporate OpSec. One of the most important aspects is to understand how wide your target expands. Many companies own multiple...

6.8AI score
Exploits0
ThreatPost
ThreatPost
added 2021/08/24 12:0 p.m.20 views

Effective Threat-Hunting Queries in a Redacted World

A decade ago, hunting for adversary infrastructure was often as simple as monitoring a domain registrant’s name or phone number in public WHOIS records. As bad actors have moved first toward privacy protection services and then gained further obscurity behind laws such as the General Data...

6.8AI score
Exploits0References1
Hacker One
Hacker One
added 2021/06/15 4:41 a.m.43 views

Reddit: Domain Takeover of Reddit.ru via DNS Hijacking

Summary I discovered that Reddit.ru was vulnerable to DNS hijacking via DNS provider, Reg.ru. This would allow a malicious attacker to control the content on this domain, as well as, create email addresses associated with it... I'm going to be totally honest and say that any of us ethical hackers...

2.3AI score
Exploits0
FireEye
FireEye
added 2020/03/31 12:0 a.m.16 views

It’s Your Money and They Want It Now — The Cycle of Adversary Pursuit

When we discover new intrusions, we ask ourselves questions that will help us understand the totality of the activity set. How common is this activity? Is there anything unique or special about this malware or campaign? What is new and what is old in terms of TTPs or infrastructure? Is this being...

7.1AI score
Exploits0References5
Rows per page
Query Builder