Blog
In this blog we are exploring two new CVE's that exploit an issue in the NGINX controller when NGINX is used for ingress control.
Exploiting CVE-2023-5044 and CVE-2023-5043 to overtake a Kubernetes Cluster
In this blog we are exploring two new CVE's that exploit an issue in the NGINX controller when NGINX is…
Uncloaking Radio Frequency Identification (RFID)
Demystify RFID with insights on components, tag types, modulation, and use cases. A concise guide to the intricate world of…
A journey into Badge Life
Explore CovertSwarm's Badge Life journey from Defcon 30 chaos to Defcon 31 triumphs. Join the hardware hacking adventure in this…
Gaining Initial Access in a Kubernetes Environment (part 2)
Explore initial access in Kubernetes: Uncover application vulnerabilities, compromised images, and cloud credential misuse in Kubernetes environments.
Exploring the Kubernetes Architecture from an Offensive Viewpoint (part 1)
Explore the essentials of Kubernetes: From its Google origins to a key tool in modern cloud-native development, learn about its…
Persistence Attack in Active Directory: The Golden Ticket Attack
Delve into the Golden Ticket Attack in Active Directory: a key APT method. Discover its workings, countermeasures, and detection to…
What is Breach and Attack Simulation (BAS)?
Read our guide to find out what Breach and Attack Simulation (BAS) is, how it works, why and how it’s…
What is vulnerability scanning and why is it important?
Read our comprehensive guide on vulnerability scanning, including what it is, why it’s important, how it works & best practices…
What is web application security, and why is it important?
Read our guide on web application security, which includes what it is, why it’s important, how it works & best…