Attack Paths

Slack's popularity creates data exfiltration risks. Autonomous pentesting finds hidden vulnerabilities.

Hackers don’t break in, they log in. This has never been more true – as the demand for data increases, more files than ever are being stored across the enterprise. Local files, file shares, cloud backups, and more are filling up with precious data. And with that, comes increased risk that the data being stored…

As enterprises continue to transition on-premises infrastructure and information systems to the cloud, hybrid cloud systems have emerged as a vital solution, balancing the benefits of both environments to optimize performance, scalability, and ease of change on users and administrators. However, there can be risks involved when connecting a misconfigured or ill-protected network to cloud…

NodeZero APT: Azure Password Spray to Business Email Compromise

Since introducing NTLM coercion techniques such as PetitPotam into the NodeZero platform, we frequently have security practitioners request help understanding these techniques and what impact they have to their enterprise. There is a lack of concise resources to inform Blue Teams on how these techniques work, and clearly distinguishing them from other misconfigurations/vulnerabilities in the…

Misconfigured AWS Role Enables Cloud Initial Access

Pervasive CISA Known Exploited Vulnerability Enables Initial Access

A NodeZero autonomous attack that leveraged two weaknesses to achieve domain compromise in 33 minutes, 9 seconds.

Active Directory Analytics Solution Enables Domain Compromise

Combining Compromised Credentials Enables Domain Takeover