SiegeCast: Cobalt Strike Basics

Sept 14th at 3pm Eastern. Tim Medin breaks down everything you need to know about Cobalt Strike with its very own Tech Director, Joe Vest How to watch: Youtube: Twitch:   > DOWNLOAD SLIDES HERE <...

read more

Bypassing Signature-Based AV

If you want to execute arbitrary code on an endpoint during a penetration test, red team, or assumed breach, chances are you'll have to evade some kind of antivirus solution. AV engines use two detection methods to identify malicious code – signature-based and...

read more

SiegeCast: The Way of the Spray

August 24th at 3pm Eastern. In a world where the security landscape is ever changing, weak passwords and an attackers ability to leverage that weakness is the gift that keeps on giving. In this talk Jason goes over password spraying tools, techniques, and tips, that...

read more

Now Streaming SiegeCasts!

We are excited to bring you this brand new SiegeCast in a fresh new format!  On August 24th at 3pm Eastern the new SiegeCast from  Security Consultant Jason Downey will be live on multiple streaming platforms. We want you to be able to watch your next SiegeCast on...

read more

Sans Core Netwars Tournament of Champions Europe

From Justin Palk, Security Consultant: I'll be honest, it feels good to win. Popping a shell sends a shiver down my spine. But getting into a duel with another team working the same environment? Both trying to reach the same goal, being able to see how close you are...

read more

Hacking OAuth2.0

The intent of this blog is to help penetration testers and security researchers get a deeper understanding of the OAuth protocol. We are going to learn how to bypass authentication using OAuth's implicit flow. Before we attack OAuth we need to have an understanding on...

read more

Networking Fundamentals Part I

This blog is the first of three in a series to go over some basic networking fundamentals that every security professional should know. These blogs are geared towards the absolute beginner and will cover a lot of different topics at a high level. These blog posts are...

read more

Threading the Needles: Why Defense in Depth Still Matters

I recently performed an assumed breach test against what I would consider an Apex Defender organization. The security team is smart, well-funded, extremely capable, and resourceful. The team has both hardened systems and instrumented great logging and monitoring....

read more

Free Backgrounds for Everyone!

No one knows what the future holds, but 2021 is shaping up to be another year of remote work and video conferences. With that in mind, we wanted to provide some Red Siege creative backgrounds for you to use for free! Finding the right background for your Zoom meeting...

read more


Search the blog

Never miss a blog or webcast!
No spam. No junk. Just notifications on new content. SUBSCRIBE!