Attacking SAML implementations

SAML and SAML Attacks Recently a client mentioned that they wanted me to pay particular attention to the SAML authentication on an app I was going to be testing. It’s been a while since I’ve done anything with SAML, so I thought I’d refresh myself on...

SiegeCast: Cobalt Strike Basics

Sept 14th at 3pm Eastern. Tim Medin breaks down everything you need to know about Cobalt Strike with its very own Tech Director, Joe Vest How to watch: Youtube: https://redsiege.com/ytsubscribe Twitch: https://redsiege.com/twitch   > DOWNLOAD SLIDES HERE <...

Bypassing Signature-Based AV

If you want to execute arbitrary code on an endpoint during a penetration test, red team, or assumed breach, chances are you’ll have to evade some kind of antivirus solution. AV engines use two detection methods to identify malicious code – signature-based and...

SiegeCast: The Way of the Spray

August 24th at 3pm Eastern. In a world where the security landscape is ever changing, weak passwords and an attackers ability to leverage that weakness is the gift that keeps on giving. In this talk Jason goes over password spraying tools, techniques, and tips, that...

Now Streaming SiegeCasts!

We are excited to bring you this brand new SiegeCast in a fresh new format!  On August 24th at 3pm Eastern the new SiegeCast from  Security Consultant Jason Downey will be live on multiple streaming platforms. We want you to be able to watch your next SiegeCast on...