
One of the most relevant techniques during the reconnaissance phase of an engagement is Subdomain Enumeration. This post aims to enhance subdomain enumeration by including a special DNS node (ENT) and the NOERROR response code that is often ignored.

Bastian Kanbach
10. August 2022

Windows Event Forwarding (WEF) offers a simple, free and already built-in solution to configure Windows workstations and servers to send encrypted log events to a centralized location for storage, analysis, attack & anomaly detection...

Carsten Sandker
22. Juli 2022

In this blog post, we would like to raise awareness for an often underestimated problem: the lack of publicly available information about the security specifications of modern Android smartphones on the market.

Tim Ohlendorf
14. Juni 2022

During an engagement in early 2021 my colleague and myself stumbled across an FTP server with a banner that we've never seen before...

Carsten Sandker
5. Mai 2022

Connaisseur is a Kubernetes admission controller for container image signature verification. The latest release v2.2 improves usability...

Dr. Christoph Hamsen
18. Oktober 2021

In the first part of this Active Directory (AD) spotlight I introduced the mechanics of Active Directory Trusts and highlighted what a...

Carsten Sandker
10. Oktober 2021

During an engagement in early 2021 my colleague and myself stumbled across an FTP server with a banner that we've never seen before....We downloaded the FTP Server, set up a testing environment, began to dissect it and found 6x high impact vulnerabilities.

Carsten Sandker
10. Oktober 2021

Container image signatures are a rarely implemented security feature, even though images' contents are ever changing and hard to get a grasp of, making it easy for attackers to hide malicious content in them.

Dr. Christoph Hamsen
27. Juli 2021

Connaisseur v2.0 adds support for multiple keys and signature solutions.

Dr. Christoph Hamsen
27. Juli 2021

Default AKS cluster stores admin credentials in Kubernetes ConfigMap.

Anneke Breust
17. Juli 2020

A central question in application security is: how do we ensure that our Docker containers actually run the code that we intend to run?

Dr. Peter Thomassen
14. Juli 2020

Tackling a New Challenge with the DNS

Dr. Peter Thomassen
12. Juli 2020