Cookie Consent by Free Privacy Policy Generator
Headset0161 513 0960
Keep up with the latest insights from the experts at Secarma via our blog. This space is a knowledge hub that features business security advice, a deep dive into large-scale cyber attacks, technical how-to's, and much more.

If you'd like to collaborate with us on a blog, feel free to get in touch.

Using Machine Account Passwords During an Engagement

Introduction Of the many advancements in red teaming over the last 12 months, the development of...

Uploading Files to RDP, NVC, or Anywhere You Can Type

RDPUpload is a tool which implements an old technique for uploading files in python. There is...

SSRS Attacks Part 2 - Building an Empire

In part 1, we looked at dynamically extracting table data from a compromised SSRS server. We...

SSRS Attacks Part 1 - Dynamic Data Extraction

SQL Server Reporting Services (SSRS) is a reporting engine designed to allow creation, publication...

SoHopelessly Broken 0-day Strategy

In July we sent 4 of our team to Defcon with the intention of tackling whatever contests we could...

Setting Service Principal Names to Roast Accounts

As a continuation of our previous post, we wanted to discuss another technique that can help during...

Pandwarf in a KALI VM on a Windows Host

Secarma are getting more requests from customers for product reviews, radio frequency analysis and...

Is Dynamic Data Exchange (DDE) Injection a Thing?

This month our old friend Dynamic Data Exchange (DDE) within Microsoft’s office suite has been...

In (Zero) Days Gone By - Part 1 - Magento Unauthenticated SQLI (CVE-2011-4781)

Theorizing that one could dredge up old vulnerabilities and blog about them, Sam Thomas stepped...

INDUSTROYERS

Recently the world was introduced to ‘Industroyer‘, a malware variant with a focus on compromising...

Hacking with GIT: The Video

This is the first post in a series about my talk "hacking with Git" which was delivered at BSides...

online learning cybersecurity

Hacking with GIT: GIT-ENUM Metasploit Module Release

This is release two of three tools from my talk "Hacking with git" which I delivered at Glasgow...

Want more insights from us? Head over to our News page for a daily rundown of the latest technology and cybersecurity news. This includes everything from data breaches, ransomware attacks, and the most recent nefarious activities of cyber-criminals.

For shorter, more to-the-point news content and opinions, check out our Twitter and LinkedIn profiles.

Looking for technical content and ethical hacking how-to's? Follow this link to Secarma Labs - the place where our experienced security consultants get the opportunity to guest post. Secarma Labs also has a twitter account that will give you more up to date info on what our penetration testers are up to.

There's also the Hacked Off podcast where we interview security industry experts about the latest technology, good security practices, upcoming threats, their journeys into cyber, and what it's like to work in security today.

Check out our Blog Archive for older blog content too.