• Oxford: +44 (0)1865 877830 
  • Manchester: +44 (0)161 713 0176 
  • Edinburgh: +44 (0)131 541 0118 
  • New York: +1 646-781-7580 
  • Bucharest: +40 316 301 707 
  • Tokyo: +81 (3) 4588 8181 

Blog

You are here

05

Oct

Discovering Sensitive Information in File Shares

When carrying out internal penetration testing engagements, one of the first areas a penetration tester will focus on is identifying which shares are accessible to low privileged domain users or anonymous users in the hope of finding sensitive information such as passwords, backup files or confid

02

Oct

Active Directory Password Auditing Part 1 - Dumping the Hashes

One of the recurring issues in our internal penetration tests is inadequate password management, which in most cases leads to a fast takeover of the Active Directory (AD) domain.

22

Sep

Scanning IPv6 Networks

As a networking student I remember reading about IPv6 and its imminent introduction on more than one occasion.

15

Sep

Changes to the Cyber Essentials Questionnaire

A new version of the CREST Cyber Essentials questionnaire (part of the Cyber Essentials assessment) has been made available by CREST, with a grace period of until September the 28th 2017 for using the older version for submissions. There are several changes which are summarised as follows.

08

Sep

Do You WannaCry? A Taste of SMB Exploitation

On Friday, 12th May 2017, an unprecedented ransomware attack, named WannaCry infected more than 230,000 computers in 150 countries and a number of large organisations such as the NHS, Telef

Pages