TTPs Archives - Randori

Randori Expands Security Leadership As Company Scales to Meet Enterprise Demand for the Attacker’s Perspective

Security Pioneer Enlists Former Qualys VP of Engineering Ken Shelton to Scale Engineering, World-Famous Hacker Aaron Portnoy to Accelerate Vulnerability Research, and Veteran

Randori Named One of the 10 Coolest Cybersecurity Startups of 2020

I'm excited to share that Randori has been named one of the 10 Coolest Cybersecurity Startups of 2020. It's been a breakout year for

Randori Achieves ISO 27001 Certification

Randori is thrilled to announce that we have received our official ISO 27001 certification. The ISO27001 Certification is the first of many steps we're taking to demonstrate our commitment to ensure that our security and privacy standards meet and exceed our customer's high expectations.

CVE-2021-21972: vSphere Vulnerability Analysis

A high severity vulnerability (CVE-2021-21972, CVSS V3 base score - 9.8 CRITICAL) [1] impacting multiple versions of VMware vSphere products was reported privately

Executive Summary A high severity vulnerability (CVE-2021-3177, CVSS V3 base score - 9.8 CRITICAL) [1] impacting all versions of Python 3 was reported

Test Your SSO Security With Our Simple SAML Identity Provider (IdP)

At Randori, we are constantly adding new capabilities to our automated attack platform. In the course of developing those capabilities for use in

Credential Harvesting Made Easy – How Common Asset Discovery Configurations Are Enabling Hackers To Move Laterally

Our industry pays lots of attention to vulnerabilities and the need for patching. And yes, there is a need for this. But in

Both defenders and attackers have a keen interest in understanding the attack surface for an organization — defenders must understand what is exposed so they can prioritize what to maintain and monitor — attackers must understand what is reachable so they can decide which services are available to compromise.

Building for Linuxes Old Enough to Buy a Pack of Smokes

At Randori, our automated attack platform emulates a realistic adversary. Real adversaries will often take advantage of targets of opportunity discovered on a network, even if those targets are not directly related to an objective.

Avoid the Scramble: Reflections on CVE-2020-5902

If you were one of the many folks this weekend trying to figure out if you had a F5 BIP, if so how many, if the administration interface was exposed to the internet, if you knew where the logs were going and if you had enough visibility to know if it was being actively exploited you got pulled into a scramble and frankly… You f*cke up a long time ago.

The Randori Attack Team has successfully developed a POC for CVE-2020-2021 and has been able to confirm the severity of the vulnerability in local test and production environments.

“Side-Loading” Software in a Running Docker Container

At Randori, one way our automated attack platform operates is by bridging docker containers into remote network environments. The actual operation of this system is outside the scope of this article, but in short, a series of network tunnels within network tunnels provides us with a container with network traffic fully (and only) emerging into a remote network.

Randori Expands Security Leadership As Company Scales to Meet Enterprise Demand for the Attacker’s Perspective

Randori Named One of the 10 Coolest Cybersecurity Startups of 2020

Randori Achieves ISO 27001 Certification

CVE-2021-21972: vSphere Vulnerability Analysis

CVE-2021-3177:

Test Your SSO Security With Our Simple SAML Identity Provider (IdP)

Credential Harvesting Made Easy – How Common Asset Discovery Configurations Are Enabling Hackers To Move Laterally

Enumerating Subdomains with crt.sh

Building for Linuxes Old Enough to Buy a Pack of Smokes

Avoid the Scramble: Reflections on CVE-2020-5902

CVE-2020-2021: Post Exploit Analysis

“Side-Loading” Software in a Running Docker Container

Get an Attacker’s view of your organization