• Oxford: +44 (0)1865 877830 
  • Manchester: +44 (0)161 713 0176 
  • Edinburgh: +44 (0)131 541 0118 
  • New York: +1 646-781-7580 
  • Bucharest: +40 316 301 707 
  • Tokyo: +81 (3) 4588 8181 

Blog

You are here

20

Feb

From Internal Web Application To Domain Admin

In a recent internal network penetration test I found a slightly less conventional route to get domain administrator privileges. This type of attack is certainly not new but it shows how thinking-out of the box takes a crucial part when comes to penetration testing.

04

Jan

Minimising the risk of using Java

Much as they may wish to do otherwise, organisations may need to install the Java Runtime Environment (JRE) so users have the Java Plugin they need for required web-sites, and/or run installed Java applications provided as JAR files.

08

Nov

CVE-2018-18863 ResourceLink Local File Inclusion

In a recent penetration test ResourceLink version 20.0.2.1 was found to be vulnerable to local file inclusion (LFI).

29

Oct

Combining Issues to Compromise the Domain

Internal penetration tests, as approached by Dionach, are a good exercise to assess the security of the internal networks of our clients.

22

Oct

Overview of iOS 12 Security Features

When deciding whether or not to install iOS 12, many iPhone and iPad users will be primarily concerned with the "flashier" features: Memojis, group FaceTime calls, performance improvements for older devices, and more.

Pages