Homepage
Open in app
Sign in
Get started
Tenable TechBlog
Learn how Tenable finds new vulnerabilities and writes the software to help you find them
Research
Engineering
Follow
Multiples WordPress plugins CVE analysis
Multiples WordPress plugins CVE analysis
WordPress Core is the most popular web Content Management System (CMS). This free and open-source CMS written in PHP allows developers to…
Joshua Martinelle
Jan 24
Silo, or not silo, that is the question
Silo, or not silo, that is the question
Is putting most of the critical assets in a silo a good practice or does it lower your security level ? Example with a WSUS.
Gabriel Compan
Jan 18
SMB “Access is denied” caused by anti-NTLM relay protection
SMB “Access is denied” caused by anti-NTLM relay protection
Explanations of the “Microsoft network server: Server SPN target name validation level” hardening policy: what it does, how to…
Clément Notin [Tenable]
Jan 11
G-3PO: A Protocol Droid for Ghidra
G-3PO: A Protocol Droid for Ghidra
(A Script that Solicits GPT-3 for Comments on Decompiled Code)
Olivia Lucca Fraser
Dec 21, 2022
NETGEAR Router Network Misconfiguration
NETGEAR Router Network Misconfiguration
Last Minute Patch Thwarts Pwn2Own Entries
James Sebree
Dec 5, 2022
How to mimic Kerberos protocol transition using reflective RBCD
How to mimic Kerberos protocol transition using reflective RBCD
As I am often looking for misconfigurations dealing with Kerberos delegation, I realize that I was missing an interesting element while…
Gabriel Compan
Nov 7, 2022
Wordpress 6.0.3 Patch Analysis
Wordpress 6.0.3 Patch Analysis
Summary
Joshua Martinelle
Oct 31, 2022
Decrypt Kerberos/NTLM “encrypted stub data” in Wireshark
Decrypt Kerberos/NTLM “encrypted stub data” in Wireshark
I often use Wireshark to analyze Windows and Active Directory network protocols, especially those juicy RPC 😉 But I’m often interrupted in…
Clément Notin [Tenable]
Sep 28, 2022
Extracting Ghidra Decompiler Output with Python
Extracting Ghidra Decompiler Output with Python
Ghidra’s decompiler, while not perfect, is pretty darn handy. Ghidra’s user interface, however, leaves a lot to be desired. I often find…
James Sebree
Jul 28, 2022
Logging Passwords in Plaintext in Azure Arc
Logging Passwords in Plaintext in Azure Arc
Microsoft’s Azure Arc is a management platform designed to bridge multi-cloud and similarly mixed environments together in a convenient…
James Sebree
Jul 19, 2022
About Tenable TechBlog
Latest Stories
Archive
About Medium
Terms
Privacy