Tag Archive for Adversary simulation
Social engineering

During this social engineering engagement, it was possible to achieve persistent internal access, exfiltrate confidential and personal information, and compromise the internal segmented infrastructure.
Client-Bank application compromise

This case is a very good example why manual penetration tests are valuable – the team achieved compromise without administrator access to the application, not using any known exploits or discovering injection/deserialization/other RCE flaws.
Internal adversary simulation

The adversary simulation activity allowed the security team to demonstrate a complete compromise path while not using any usual, “exploitable” vulnerabilities.
Red Teaming

Discovering potential compromise paths. Test threat response, detection, and investigation processes.