Published inCYESECBuilding a Modern Red Team InfrastructureAs companies become more aware of the importance of increasing cybersecurity and incorporating red teaming evaluations into their advancing…Feb 23, 20231Feb 23, 20231
Published inCYESECAzure AD Privilege Escalation through Auto Assignment PoliciesA recently released Azure AD Identity Governance feature can be abused for Privilege Escalation within Azure Environments through dynamic…Nov 10, 2022Nov 10, 2022
Published inCYESECCreating a Python Slack Bot — The Monkey GuideConfession: I really like guides that spell things out for me. Monkey see, monkey do.Aug 14, 20221Aug 14, 20221
Published inCYESECYour Code Should Do Security Checks at the Last Possible MomentSometimes it feels like there’s a tradeoff between security and simplicity, agility, performance, or usability. In many cases this feeling…Jul 20, 2022Jul 20, 2022
Published inCYESECQuantifying the Cost of a Data BreachFor most people, when the phrase “data breach” is thrown into the conversation, the first thought that usually comes up is — “just don’t…Jun 6, 2022Jun 6, 2022
Published inCYESECAre WE There Yet?Thoughts on what the future holds amidst the Russian-Ukrainian CrisisMay 9, 2022May 9, 2022
Published inCYESECThe Chum Bucket: Thoughts About S3 Buckets From an Attackers PerspectiveFor a long time now, S3 buckets have become a staple for almost any organization that has gotten into the cloud computing environment…Apr 24, 20222Apr 24, 20222
Published inCYESECHave YOU Attacked Your Own Network Yet?Security professionals around the world are investing a large amount of time and effort in order to improve their security posture…Apr 12, 20221Apr 12, 20221
