Assessment of an Ecosystem: The importance of end to end, holistic testing

Expanded interaction between cloud-hosted and on-premise components has contributed to the increased complexity of companies’ tech stacks. As this and other cyber technologies evolve, so do the associated cybersecurity concerns. Traditional penetration testing, focused on a single component like a web application, has difficulty aligning to this new dynamic. If ...
“Always a New Challenge to Work On”: 2022 Summer Internship Program

At Praetorian, we’ve never asked interns to file or fetch coffee. How boring would that be, and what a waste of curiosity and talent! Instead, we focus on providing actual work experience and teaching hard skills our interns can’t learn in a classroom. In fact, we go above and beyond ...
Fingerprintx Tool: An Internship Project for the Real World

Introduction: Port fingerprinting can detect specific services running on a network, which makes it useful during penetration tests. It expands visibility into potential attack surfaces and vulnerabilities within the network environment. Over the summer, our interns worked towards developing a new tool for port fingerprinting services: Fingerprintx. Fingerprintx is a ...
Developing a Hidden Virtual File System Capability That Emulates the Uroburos Rootkit

A few years ago, I read the “Uroburos: The Snake Rootkit” [1] paper written by Artem Baranov and Deresz and was captivated by the hidden kernel-mode Virtual File System (VFS) functionality implemented within Uroburos. Later, I decided to learn Windows device driver programming and thought replicating this functionality within my ...
Framework Selection: How to Architect a Systematic Security Program – Part 1

A need for public trust in information systems has driven continuous technological advances and new regulatory requirements, which have in turn made the global cyber threat landscape more complex and connected (see figure 1). As Boards of Directors, regulators, and the public become more aware of this interplay, organizations will ...
Safeguarding Memory in Higher-Level Programming Languages

Consider an application written in a higher-level language like Python, NodeJS, or C#. This application must handle sensitive data such as banking credentials, credit card data, health information, or network passwords. The application developers have already hardened the application against malicious users and are confident that it is not vulnerable ...

Whitebox Security Assessments: Doing More with More

When deciding on what type of security assessment to get, an organization should consider how much information they are willing to share. Several types of assessments exist, and the key differentiator is how much access an organization grants the testers from the beginning. The terms blackbox, greybox, and whitebox refer ...
NTLMv1 vs NTLMv2: Digging into an NTLM Downgrade Attack

Overview: During the summer, my colleague Derya Yavuz and I published an article on some of the different methods we’ve leveraged to elevate privileges within Active Directory environments. We discussed authentication coercion techniques such as PrinterBug, PetitPotam, and DFSCoerce. One of the techniques we mentioned in that article was performing ...

Securing the Family

Culture of Excellence: Praetorian’s culture is one of delivering excellence to others, whether securing a client or securing the family–each other and at home. This is only possible when each employee takes responsibility for their role in maximizing the utility of that delivery. Each of our company core values boil ...

NIST CSF 2.0 Workshop Themes: Praetorian’s View

On 17 August 2022, NIST conducted the first Workshop to organize the effort to update the NIST Cybersecurity Framework (CSF) to version 2.0. Praetorian originally submitted comments to the CSF 2.0 RFI in February 2022. This Workshop provided a forum for NIST to frame the discussion around the major topics ...