RedTeam Pentesting GmbH

Cover Image

RedTeam Pentesting GmbH

RedTeam Pentesting GmbH

5 Follower

11-50 Mitarbeitende

Neuigkeiten

RedTeam Pentesting GmbH
RedTeam Pentesting GmbHhat einen Beitrag geschrieben.11. Juni 2025
🚨 The Reflective Kerberos Relay Attack - Remote privilege escalation from low-priv user to SYSTEM with RCE by applying a long forgotten NTLM relay technique to Kerberos. Yesterday, Microsoft patched the vulnerability we discovered, so we can now share the details: https://blog.redteam-pentesting.de/2025/reflective-kerberos-relay-attack/ 👀 We have also released a paper which really goes into the nitty-gritty for those who are interested 🕵️‍♀️: https://www.redteam-pentesting.de/publications/202 ...

A Look in the Mirror - The Reflective Kerberos Relay Attack

It is a sad truth in IT security that some vulnerabilities never quite want to die and time and time again, vulnerabilities that have long been fixed get revived and come right back at you. While researching relay attacks, the bane of Active …blog.redteam-pentesting.de
A Look in the Mirror - The Reflective Kerberos Relay Attack
RedTeam Pentesting GmbH
RedTeam Pentesting GmbHhat einen Beitrag geschrieben.10. Juni 2025
It is finally time for a new blog post! Join us on our deep dive into Windows Authentication Coercion and its current state in 2025, including some brand-new tooling: https://blog.redteam-pentesting.de/2025/windows-coercion/ We also released an cross-platform implementation of WSPCoerce in Python, which should work against all Windows clients: https://github.com/RedTeamPentesting/wspcoerce And this is our pull request to NetExec which adds efsr_spray which can re-enable EFSR/PetitPotam on up-to-...

The Ultimate Guide to Windows Coercion Techniques in 2025

Windows authentication coercion often feels like a magic bullet against the average Active Directory. With any old low-privileged account, it usually allows us to gain full administrative access to almost arbitrary Windows workstations and servers, …blog.redteam-pentesting.de
The Ultimate Guide to Windows Coercion Techniques in 2025
RedTeam Pentesting GmbH
RedTeam Pentesting GmbHhat einen Beitrag geschrieben.19. September 2024
We discovered a PHP application that uses eval(), what could go wrong? 🤔 Today we can tell the story of how we achieved RCE (despite heavy filtering): 🚀 Back to School - Exploiting a Remote Code Execution Vulnerability in Moodle https://blog.redteam-pentesting.de/2024/moodle-rce/

Back to School - Exploiting a Remote Code Execution Vulnerability in Moodle

Surprisingly often, implementations include functionality where user input is passed to dangerous functions like PHP’s eval() - despite clear warnings. Often, devs are somewhat aware of this danger and attempt to sanitize the input, but this approach …blog.redteam-pentesting.de
Back to School - Exploiting a Remote Code Execution Vulnerability in Moodle
RedTeam Pentesting GmbH
RedTeam Pentesting GmbHhat einen Beitrag geschrieben.3. Januar 2024
Last year, we discovered how we could access all data in a Bitwarden vault protected by biometrics via Windows Hello on a domain-joined machine without using passwords: https://blog.redteam-pentesting.de/2024/bitwarden-heist/ Incidentally, the issue was independently discovered by another researcher, but we only learned that after reporting it to Bitwarden. The issue is corrected now, for details head over to the blog post!

Bitwarden Heist - How to Break Into Password Vaults Without Using Passwords

Sometimes, making particular security design decisions can have unexpected consequences. For security-critical software, such as password managers, this can easily lead to catastrophic failure: In this blog post, we show how Bitwarden’s Windows Hello …blog.redteam-pentesting.de
Bitwarden Heist - How to Break Into Password Vaults Without Using Passwords
RedTeam Pentesting GmbH
RedTeam Pentesting GmbHhat einen Beitrag geschrieben.11. Oktober 2023
🚀 We just published our new blog post: Better dSAFER than Sorry - An Attacker's Overview of Ghostscript 👻👻 Learn about exploiting Ghostscript from the fundamentals to the most recent vulnerabilities CVE-2023-36664 and CVE-2023-43115 🔥 https://blog.redteam-pentesting.de/2023/ghostscript-overview/

Better dSAFER than Sorry - An Attacker's Overview of Ghostscript

Ghostscript is the backbone of document processing for a lot of web apps and programs. If you have never heard of Ghostscript yet, you still have very likely already used it a lot through various programs such as PDF viewers, office suites or …blog.redteam-pentesting.de
Better dSAFER than Sorry - An Attacker's Overview of Ghostscript
RedTeam Pentesting GmbH
RedTeam Pentesting GmbHhat einen Beitrag geschrieben.19. Juli 2023
🚨 New Advisory: RWS WorldServer 🚨 https://www.redteam-pentesting.de/advisories/rt-sa-2023-001 The vulnerability allows to feasibly enumerate session tokens. While it was fixed by the vendor prior reporting, no concrete information is publicly available that this critical issue was fixed in v11.8.0. #infosec

RedTeam Pentesting - Session Token Enumeration in RWS WorldServer

Session tokens in RWS WorldServer have a low entropy and can be enumerated, leading to unauthorised access to user sessions. www.redteam-pentesting.de
RedTeam Pentesting - Session Token Enumeration in RWS WorldServer
RedTeam Pentesting GmbH
RedTeam Pentesting GmbHhat einen Beitrag geschrieben.12. Juli 2023
🌪️🌧️ Our HTTP fuzzer monsoon just received a huge update 🚀 Learn more about the new features and improvements such as multi-parameter fuzzing and the overhauled test command in our latest blog post 🥳 https://blog.redteam-pentesting.de/2023/monsoon-next-level/

Bringing Monsoon to the Next Level

We’ve just a released a major update for our HTTP fuzzer monsoon with many new features and improvements. In this blog post we will cover these changes in detail. If you haven’t heard about monsoon, you should start with our announcement blog post …blog.redteam-pentesting.de
Bringing Monsoon to the Next Level
RedTeam Pentesting GmbH
RedTeam Pentesting GmbHhat einen Beitrag geschrieben.6. Juli 2023
We participated again at the traditional Lousberglauf 2023 in Aachen 🏃🏃🏃 After mastering the steep ascent ⛰️ we awarded ourselves with delicious pizza 🍕 See you at the next race 🚀
Posting
RedTeam Pentesting GmbH
RedTeam Pentesting GmbHhat einen Beitrag geschrieben.5. Juni 2023
🚀 We've just dropped a new blog post: Storing Passwords - A Journey of Common Pitfalls 🥳 We outline common misconceptions about security concepts in the field of password hashing using STARFACE PBX as an example 🔑 ☎️ https://blog.redteam-pentesting.de/2023/storing-passwords/ #infosec #pentesting

Storing Passwords - A Journey of Common Pitfalls

As pentesters, we regularly see creative ways of handling authentication and almost as often we see the pitfalls that come along with these unconventional ways. For instance, we recently discovered a vulnerability in the web interface of STARFACE PBX …blog.redteam-pentesting.de
Storing Passwords - A Journey of Common Pitfalls
RedTeam Pentesting GmbH
RedTeam Pentesting GmbHhat einen Beitrag geschrieben.1. Juni 2023
This is an odd one: new advisory released for STARFACE PBX devices, which allow logging into the web interface and the REST API not only with the password, but with the password hash as well. 🤔 https://www.redteam-pentesting.de/advisories/rt-sa-2022-004/

RedTeam Pentesting - STARFACE: Authentication with Password Hash Possible

RedTeam Pentesting discovered that the web interface of STARFACE as well as its REST API allows authentication using the SHA512 hash of the password instead of the cleartext password. While storing password hashes instead of cleartext passwords in an application’s database generally has become best practice to protect users’ passwords in case of a database compromise, this is rendered ineffective when allowing to authenticate using the password hash. www.redteam-pentesting.de
RedTeam Pentesting - STARFACE: Authentication with Password Hash Possible

XING empfiehlt folgende Unternehmen:

RedTeam Pentesting GmbH

RedTeam Pentesting GmbH Seit der Gründung 2004 hat RedTeam Pentesting zahlreiche nationale wie internationale Unternehmen als Dienstleister mit Penetrationstests unterstützt und sich so zu einem weltweit sehr gefragten Anbieter für Penetrationstests entwickelt. Durch die ausschließliche Spezialisierung auf Penetrationstests...

Alle Infos ansehen

Jobs

Zurzeit gibt es keine Job-Angebote.

Bist Du auf Job-Suche? Dann guck Dir mal unsere Empfehlungen an.

Ähnliche Jobs

Mitarbeitende

Ansprechpersonen

Icon

Warum ist hier denn nichts zu sehen?

Vielleicht klappt's wieder, wenn Du auf "Aktualisieren" klickst.