TL;DR Introduction  It’s more common than you might think to miss built-in defences. Windows has a lot of features that help ...
We are seeking an enthusiastic security consultant to join our team. Working alongside some of the best hacking minds in the country, you will be delivering pen testing services to a diverse range of ...
Third-party plugins are often the security Achilles heel of Content Management Systems (CMS). It seems like not a month goes by without one security researcher or another uncovering a vulnerability in a ...
Six months ago the UK’s Glastonbury Town Council set up a 5G Advisory Committee to explore the safety of the technology, and last month the local paper reported their findings. This statement is in ...
I’ve had a keen interest in the original RottenPotato and JuicyPotato exploits that utilize DCOM and NTLM reflection to perform privilege escalation to SYSTEM from service accounts. The applications ...
TL;DR: Stronger S2 Z-Wave pairing security process can be downgraded to weak S0, exposing smart devices to compromise. Z-Wave uses a shared network key to secure traffic. This key is exchanged between ...
As Red Teamers, we often find information in SharePoint that can be useful for us in later attacks. As part of this we regularly want to download copies of the files, or parts of their contents. In ...
The aviation industry realised some time ago that taking a standard approach to the cyber security of its products was needed and that this was a specialist discipline. A family of documents was ...
We carry out lots of attack surface assessments, parts of which involve investigating information that has been unintentionally disclosed. To help OPSEC people I thought it might be useful to go over ...
Kubernetes has changed the way we deploy and scale workloads. It’s powerful, flexible, and very good at hiding a lot of complexity. It is also very good at hiding security problems until someone ...
At Infosecurity Europe this year, we demonstrated multiple methods to interrupt the shipping industry, several of which haven’t been demonstrated in public before, to our knowledge. Some of these ...