Homepage
Open in app
Sign inGet started

Tenable TechBlog

Learn how Tenable finds new vulnerabilities and writes the software to help you find them

  • Research
  • Engineering
  • Multiples WordPress plugins CVE analysis

    Multiples WordPress plugins CVE analysis

    WordPress Core is the most popular web Content Management System (CMS). This free and open-source CMS written in PHP allows developers to…
    Go to the profile of Joshua Martinelle
    Joshua Martinelle
    Jan 24
    Silo, or not silo, that is the question

    Silo, or not silo, that is the question

    Is putting most of the critical assets in a silo a good practice or does it lower your security level ? Example with a WSUS.
    Go to the profile of Gabriel Compan
    Gabriel Compan
    Jan 18
    SMB “Access is denied” caused by anti-NTLM relay protection

    SMB “Access is denied” caused by anti-NTLM relay protection

    Explanations of the “Microsoft network server: Server SPN target name validation level” hardening policy: what it does, how to…
    Go to the profile of Clément Notin [Tenable]
    Clément Notin [Tenable]
    Jan 11
    G-3PO: A Protocol Droid for Ghidra

    G-3PO: A Protocol Droid for Ghidra

    (A Script that Solicits GPT-3 for Comments on Decompiled Code)
    Go to the profile of Olivia Lucca Fraser
    Olivia Lucca Fraser
    Dec 21, 2022
    NETGEAR Router Network Misconfiguration

    NETGEAR Router Network Misconfiguration

    Last Minute Patch Thwarts Pwn2Own Entries
    Go to the profile of James Sebree
    James Sebree
    Dec 5, 2022
    How to mimic Kerberos protocol transition using reflective RBCD

    How to mimic Kerberos protocol transition using reflective RBCD

    As I am often looking for misconfigurations dealing with Kerberos delegation, I realize that I was missing an interesting element while…
    Go to the profile of Gabriel Compan
    Gabriel Compan
    Nov 7, 2022
    Wordpress 6.0.3 Patch Analysis

    Wordpress 6.0.3 Patch Analysis

    Summary
    Go to the profile of Joshua Martinelle
    Joshua Martinelle
    Oct 31, 2022
    Decrypt Kerberos/NTLM “encrypted stub data” in Wireshark

    Decrypt Kerberos/NTLM “encrypted stub data” in Wireshark

    I often use Wireshark to analyze Windows and Active Directory network protocols, especially those juicy RPC 😉 But I’m often interrupted in…
    Go to the profile of Clément Notin [Tenable]
    Clément Notin [Tenable]
    Sep 28, 2022
    Extracting Ghidra Decompiler Output with Python

    Extracting Ghidra Decompiler Output with Python

    Ghidra’s decompiler, while not perfect, is pretty darn handy. Ghidra’s user interface, however, leaves a lot to be desired. I often find…
    Go to the profile of James Sebree
    James Sebree
    Jul 28, 2022
    Logging Passwords in Plaintext in Azure Arc

    Logging Passwords in Plaintext in Azure Arc

    Microsoft’s Azure Arc is a management platform designed to bridge multi-cloud and similarly mixed environments together in a convenient…
    Go to the profile of James Sebree
    James Sebree
    Jul 19, 2022
    About Tenable TechBlogLatest StoriesArchiveAbout MediumTermsPrivacy