Blog
Credentialed Windows Remote Code Execution techniques
In this article, we’ll discuss some of the different ways we can execute arbitrary code or commands when we have already obtained Windows domain credentials, either in their plaintext form (user +...
How we use BloodHound, and how it can help defenders: 3 ways IT analysts could use BloodHound to improve Windows domain security
BloodHound, available at bloodhound.readthedocs.io, maps Windows Active Directory permissions to a graph database that lets users trace attack paths using a GUI and a query system. To make that more...
Four Easy Indicators of a Phish
Cybersecurity can be an endless game of cat and mouse, and attackers are constantly looking for ways into your organization. While major Internet and software providers, including the open source...
Inbox (1): Proper Email Authentication
Emails are sent from a source server to a destination server (sometimes through multiple hops) via the SMTP protocol. When you use a webmail client - think Gmail and Yahoo - to send an email, the web...
The Root of Certificate Authorities
Ask any cyber-security professional if using self-signed SSL certificates is acceptable, and they'll probably say "not really." Ask why, and we’ll say “we can’t always know who’s behind the screen,”...
Scanning SMB shares with SMBLS
In Carve's internal engagement service line, we simulate an attacker on a corporate network, which is usually Windows-based. We use a variety of tools to gather information, but we were frustrated by...
How to get better bugs from your pentest
During scoping for penetration tests, customers often say that they want us to perform the engagement exactly as a bad actor would, with no collaboration from the customer’s IT or security teams and...
Keeping an Eye on Your Public IP Space in Private
Keeping track of your company's public IP space is always a good idea. This means maintaining a centralized up-to-date list of: All static IP blocks allocated to you (by an ISP)All VPS instances...
Carve Partners with iVision to Offer Comprehensive Portfolio of IT Solutions
Since Carve’s inception 10+ years ago, we have grown to be a trusted partner to some of the largest global brands, high-tech start-ups and disruptors, and mid-sized enterprises that demand world-class cybersecurity expertise and white glove service. Carve Systems will continue to operate as the cybersecurity division of iVision.
Be careful with your testing account passwords
Author: Austin Ralls One of the easiest ways Carve consultants escalate privilege is reusing a password from a low-privilege account to authenticate to a high-privilege account. It doesn't happen all...