Blog

In this blog we are exploring two new CVE's that exploit an issue in the NGINX controller when NGINX is used for ingress control.

cyber attacks

Exploiting CVE-2023-5044 and CVE-2023-5043 to overtake a Kubernetes Cluster

In this blog we are exploring two new CVE's that exploit an issue in the NGINX controller when NGINX is…

Uncloaking Radio Frequency Identification (RFID)

Demystify RFID with insights on components, tag types, modulation, and use cases. A concise guide to the intricate world of…

A journey into Badge Life

Explore CovertSwarm's Badge Life journey from Defcon 30 chaos to Defcon 31 triumphs. Join the hardware hacking adventure in this…

Gaining Initial Access in a Kubernetes Environment (part 2)

Explore initial access in Kubernetes: Uncover application vulnerabilities, compromised images, and cloud credential misuse in Kubernetes environments.

Exploring the Kubernetes Architecture from an Offensive Viewpoint (part 1)

Explore the essentials of Kubernetes: From its Google origins to a key tool in modern cloud-native development, learn about its…

Golden ticket attack

Persistence Attack in Active Directory: The Golden Ticket Attack

Delve into the Golden Ticket Attack in Active Directory: a key APT method. Discover its workings, countermeasures, and detection to…

breach and attack simulation

What is Breach and Attack Simulation (BAS)?

Read our guide to find out what Breach and Attack Simulation (BAS) is, how it works, why and how it’s…

vulnerability scanning

What is vulnerability scanning and why is it important?

Read our comprehensive guide on vulnerability scanning, including what it is, why it’s important, how it works & best practices…

web application security

What is web application security, and why is it important?

Read our guide on web application security, which includes what it is, why it’s important, how it works & best…