12 articles

# Offfensive

─── TAG ───

Vulnerabilities & ExploitsMay 14, 2023·3 min read

Leading Vulnerability Scanners: Benefits and Use Cases

Leading vulnerability scanners provide comprehensive security assessment and management capabilities, allowing organizations to identify and remediate potential vulnerabilities in their IT infrastructure. From real-time scanning to automated reporting, these tools offer a range of benefits and use cases, helping businesses to mitigate risks, meet compliance requirements, and enhance overall security posture.

Compliance & PrivacyFeb 26, 2023·2 min read

CISA Updates Best Practices for MITRE ATT&CK® Mapping

To protect networks and data, CISA believes that understanding the behavior of adversaries is crucial. The success of network defenders in detecting and mitigating cyberattacks depends on this unde...

Compliance & PrivacyOct 18, 2022·9 min read

Micro Emulation Plans by MITRE-Engenuity

We enjoy imitating the opposition. In fact, it's so important that they've written, spoken, trained on it, and are still developing and disseminating more emulation plans (including one of the fir...

Compliance & PrivacyOct 14, 2022·16 min read

MITRE ATT&CK® Released Updates in Apr 2022 With Additional Techniques and Structuring

The Techniques, Groups, and Software for Enterprise, Mobile, and ICS are updated in the April 2022 (v11) ATT&CK release. The most significant modifications are the reorganisation of Detections, whi...

Cloud SecurityOct 5, 2022·9 min read

Campaigns to be Introduced to MITRE ATT&CK V12

Primary Articles [Published ](<https://medium.com/mitre-attack/introducing-attack-campaigns-6b15baa6cbb4)by Matt Malona In [ATT&CK 2022](<https://medium.com/mitre-attack/attack-2022-roadmap-cd5a1a3...

Compliance & PrivacySep 17, 2022·22 min read

Beta Mobile Sub-Techniques, Structured Detections, and ICS Join the Band as ATT&CK Upgrades to Version 11

The most recent ATT&CK release is now available, and this time They have upgraded to version 11! There shouldn't be any major surprises if you've been following their roadmap, but they wanted to ta...

Vulnerabilities & ExploitsSep 10, 2022·5 min read

Dufflebag

A tool called [Dufflebag ](<https://github.com/bishopfox/dufflebag)developed by [dan-bishopfox Dan Petro](<https://github.com/dan-bishopfox) and [bmoar Ben Morris](<https://github.com/bmoar

Vulnerabilities & ExploitsJan 16, 2022·9 min read

MITRE ATT&CK® Released Updates in Oct 2021 With Additional Techniques and Structuring

MITRE ATT&CK® is a globally accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of ...

Cloud SecurityJan 4, 2022·2 min read

Gartner EDRs are not perfect, fail against common attacks

Advanced Persistent threats have been a pain for blue teams for a very long time, and one of the key tool in the arsenal is Endpoint Detection and Response tools since the recent past, however, the...

Vulnerabilities & ExploitsSep 7, 2021·1 min read

Useful Pentesting Resources

A curated list of useful penetration testing resources, tools, and references for security professionals.