Blog
Introducing the Carve gcptool
Today I’d like to introduce gcptool, a Google Cloud Platform (GCP) focused tool to assist with auditing a cloud configuration. Here at Carve, we frequently test the security of our customers' cloud...
An Introduction to Server-Side Template Injections with Flask
The idea of a web application template is basically what it sounds like. Imagine it is around the holidays and you are writing letters to 20+ relatives. Having to write 20+ letters to each relative...
XSS through DHCP: How Attackers Use Standards
During a security assessment, we sometimes need to think outside of the box in order to find interesting and impactful exploits. To aid us in this, we can use protocol standards as a roadmap to...
Simplify Incident Response with CI/CD and Other Code Access Auditing
*Summary: this post talks about ways that organizations could implement security controls to log and audit code accesses to simplify incident response in the event of source code compromise.* A large...
iVision Teams Up with Plus+ Consulting to Scale Microsoft Cloud and Cybersecurity Practices
Atlanta, GA, July 11, 2022 – Today, iVision announced its acquisition of Plus+ Consulting, a digital transformation consultancy specializing in Microsoft Cloud and cybersecurity services. ...
Credentialed Windows Remote Code Execution techniques
In this article, we’ll discuss some of the different ways we can execute arbitrary code or commands when we have already obtained Windows domain credentials, either in their plaintext form (user +...
How we use BloodHound, and how it can help defenders: 3 ways IT analysts could use BloodHound to improve Windows domain security
BloodHound, available at bloodhound.readthedocs.io, maps Windows Active Directory permissions to a graph database that lets users trace attack paths using a GUI and a query system. To make that more...
Four Easy Indicators of a Phish
Cybersecurity can be an endless game of cat and mouse, and attackers are constantly looking for ways into your organization. While major Internet and software providers, including the open source...
Inbox (1): Proper Email Authentication
Emails are sent from a source server to a destination server (sometimes through multiple hops) via the SMTP protocol. When you use a webmail client - think Gmail and Yahoo - to send an email, the web...
The Root of Certificate Authorities
Ask any cyber-security professional if using self-signed SSL certificates is acceptable, and they’ll probably say “not really.” Ask why, and we’ll say “we can’t always know who’s behind the screen,”...