Threat & Attack Simulation

This Caller Does Not Exist: Using AI to Conduct Vishing Attacks

This Caller Does Not Exist: Using AI to Conduct Vishing Attacks

| | AI, Blog, Cybersecurity, TAS, Technical, Threat & Attack Simulation, vishing
As technology advances, attackers are quick to adapt, using cutting-edge innovations to craft social engineering attacks that exploit the one […] ...
The Guiding Point | GuidePoint Security
Building a Hardware Hacking Arsenal: The Right Bits for Every Byte

Building a Hardware Hacking Arsenal: The Right Bits for Every Byte

| | Blog, Security Awareness & Education, TAS, Threat & Attack Simulation
In our last IoT blog post we dove headfirst into IoT Security Assessments with a crash course in the methodology […] ...
The Guiding Point | GuidePoint Security
How Hackers Steal Your RFID Cards

How Hackers Steal Your RFID Cards

| | Blog, Cybersecurity, Red Team, RFID, Security Awareness & Education, Technical, Threat & Attack Simulation, Vulnerability Management & Penetration Testing
Radio Frequency Identification (RFID) cards are ubiquitously used to authenticate using a physical token. This technology is often embedded in […] ...
The Guiding Point | GuidePoint Security
How to Make Adversaries Cry: Part 1

How to Make Adversaries Cry: Part 1

| | Blog, Cybersecurity, Technical, Threat & Attack Simulation, Vulnerability Management & Penetration Testing
In the ever-evolving landscape of cybersecurity, defense against intruders requires constant vigilance and proactive measures. For organizations relying on Active […] ...
The Guiding Point | GuidePoint Security
SCCM Exploitation: Evading Defenses and Moving Laterally with SCCM Application Deployment

SCCM Exploitation: Evading Defenses and Moving Laterally with SCCM Application Deployment

| | Blog, Cybersecurity, Penetration Testing, Threat & Attack Simulation, vulnerability, Vulnerability Management & Penetration Testing
TL;DR: Compromise of an SCCM administrator account can easily lead to compromise of every machine managed by SCCM. As this […] ...
The Guiding Point | GuidePoint Security
The Art of Self-Defense: Security Validation Through Attack Simulation

The Art of Self-Defense: Security Validation Through Attack Simulation

| | BAS, BAS as a Service, Blog, Cybersecurity, Threat & Attack Simulation, Vulnerability Management & Penetration Testing
Additional authors: Nic Finn Setting the Stage Organizations looking to develop an increasingly proactive defensive strategy are beginning to incorporate […] ...
The Guiding Point | GuidePoint Security
Beyond the Basics: Exploring Uncommon NTLM Relay Attack Techniques

Beyond the Basics: Exploring Uncommon NTLM Relay Attack Techniques

| | Blog, Cybersecurity, Threat & Attack Simulation, Vulnerability Management & Penetration Testing
NTLM (NT LAN Manager) relaying is an attack technique that has been around for years yet is still incredibly effective.  […] ...
The Guiding Point | GuidePoint Security
SCCM Exploitation: Compromising Network Access Accounts 

SCCM Exploitation: Compromising Network Access Accounts 

| | Blog, Cybersecurity, Penetration Testing, pentesting, SCCM, Security Research, Threat & Attack Simulation, Vulnerability Management & Penetration Testing
Authors: Marshall Price and Connor Dowling TL;DR: SCCM Network Access Accounts (NAA) are frequently used despite being associated with several […] ...
The Guiding Point | GuidePoint Security
A Crash Course in Hardware Hacking Methodology: The Ones and Zeros

A Crash Course in Hardware Hacking Methodology: The Ones and Zeros

| | Blog, Cybersecurity, Internet of things, iot, Threat & Attack Simulation, Vulnerability Management & Penetration Testing
Author: Nathan Keys The Internet-of-Things (IoT) has quickly and seamlessly become woven into the fabric of our daily existence. With […] ...
The Guiding Point | GuidePoint Security
SCCM Exploitation: Account Compromise Through Automatic Client Push & AD System Discovery 

SCCM Exploitation: Account Compromise Through Automatic Client Push & AD System Discovery 

| | Blog, Cybersecurity, Penetration Testing, pentesting, SCCM, Security Research, Threat & Attack Simulation, Vulnerability Management & Penetration Testing
Author: Marshall Price, Senior Security Consultant TL;DR: The following conditions can lead to compromise of the SCCM client push account […] ...
The Guiding Point | GuidePoint Security
Load more