Compass Security Blog - Offensive Defense

NTLM Relaying to HTTPS

NTLM is the legacy authentication protocol in Windows environment. In the past few years, I've had the opportunity to write on this blog about NTLM…

Lire la suite

bRPC-Web: A Burp Suite Extension for gRPC-Web

The gRPC framework, and by extension gRPC-Web, is based on a binary data serialization format. This poses a challenge for penetration testers when…

Lire la suite

LockBit Breach: Insights From a Ransomware Group’s Internal Data

Something a bit wild happened recently: A rival of LockBit decided to hack LockBit. Or, to put this into ransomware-parlance: LockBit got a post-paid…

Lire la suite

Ensuring NIS2 Compliance: The Importance of Penetration Testing

The Network and Information Security Directive 2 (NIS2) is the European Union's latest framework for strengthening cyber security resilience across…

Lire la suite

Collaborator Everywhere v2

Collaborator Everywhere is a well-known extension for Burp Suite Professional to probe and detect out-of-band pingbacks. 

 

We developed an upgrade to…

Lire la suite