Elaine Harrison-Neukirch

July 15, 2021

Exfiltration Over Alternative Protocol

Blue Teamers, have you been looking for an automated way to discover which ports are allowed in outbound, north/south (egress) traffic within your network? Your search is over! SCYTHE’s Marketplace offers a free module, Let Me Out (LMO), a SCYTHE port of mubix’s Let Me Out project. This module tests egress traffic for specific ports.


June 7, 2021

SCYTHE & ATT&CK Navigator

How are Blue Teams utilizing SCYTHE? One way the Blue Team can use SCYTHE is by reviewing its reporting. The Blue Team can use SCYTHE’s reports to determine how gaps in security controls can be mitigated. In this post, we will be discussing the MITRE ATT&CK Navigator and NIST 800 Navigator Summary reports.


More Blog Posts

July 26, 2021

Adaptive Adversary Emulation (Part 1): Execution Details

Back in 2019, at the inaugural SANS Purple Team Summit, I gave a talk titled “Adaptive Adversary Emulation with MITRE ATT&CK®”. In the talk I go over how small changes to adversary emulation plans can provide significant results and allow a deliberate approach to generating iterative tests.


July 22, 2021

You can’t detect 0-day exploits but… you can detect what happens next

A zero day (or 0-day) is a vulnerability that is known to neither the software vendor nor the end users. Zero days are a great way to gain initial access into an organization without being detected. They are rarely used in widespread attacks because they come at a high cost to the attacker (identifying a vulnerability that has a high chance of successful exploitation).


July 22, 2021

Malicious Uses of Blockchains

SCYTHE’s engineering team shares their most recent article on the malicious uses of blockchains. Here’s why this is important: cryptocurrencies are discussed often, but few understand what they are or how they work. The engineering team defines each cryptocurrency type in detail.
