UnICORN Library

SCYTHE aims to educate and engage in order to inspire the art of the possible in cybersecurity. Adversarial threats, risk management, and security innovation don’t pause when working from home. We have curated a collection of presentations, research, blogs, and conversations from our team. Come enjoy our library and stay tuned for the new unicorn content that will be added regularly.

Check out our SCYTHE 3.0 demonstration video!
Improve your risk posture and find your cybersecurity blindspots.

Contact Us

Featured CONTENT

Blog Post

New!

April 15, 2021

Using SCYTHE payload as Shellcode

Guest blog post by one of our partners, Jean-Maes from NVISO. During Unicon21, I (Jean-Maes) presented how I leverage the D/Invoke project from TheWover to load a SCYTHE campaign using the SCYTHE DLL that is automatically created for each campaign.

VIEW

Blog Post

New!

April 7, 2021

Adversary Emulation Metrics Time to Detect

Offensive security professionals and program coordinators have a learning curve as they mature through the different ethical hacking assessment types. In Vulnerability Assessment/Management and Penetration Testing, we use Common Vulnerabilities and Exposures (CVE IDs) and the Common Vulnerability Scoring System (CVSS) to report a finding using two criteria:

VIEW

#ThreatThursday

New!

March 25, 2021

Threat Thursday - Lazarus

The Lazarus Group (aka HIDDEN COBRA/Guardians of Peace/ZINC/NICKEL ACADEMY)! Lazarus was an extremely active adversary in 2020 and has continued to build capability over the past decade. They are responsible for many high profile hacks seen over the years, such as the Sony hack in 2014. Lazarus Group has been attributed as a North Korean state sponsored hacking group by the FBI.

VIEW

Read the #ThreatThursday series by our Chief Technology Officer, Jorge Orchilles. Each week Jorge dives into different threats by consuming Cyber Threat Intelligence, creating adversary emulation plans with SCYTHE and sharing them on our Community Threats Github, and covering how to defend against these adversaries.

VIEW

New!

April 15, 2021

UniCon21 Recap

It was a day packed with amazing presentations as we celebrated National Unicorn Day. UniCon21 is a free virtual conference for the security researcher and defender community. Check out all the UniCon21 videos.

VIEW

Blog Post

New!

April 2, 2021

Setting up SCYTHE-VECTR integration

Many SCYTHE customers like to track their red and purple team exercises in a free reporting tool called VECTR. VECTR is maintained by Security Risk Advisors and we have been working with them on integrations for over a year. Naturally, we help our customers set up VECTR so that they can import SCYTHE campaigns more easily. This is a quick start guide that should help you set up VECTR with SCYTHE integration.

VIEW

#ThreatThursday

New!

February 25, 2021

#ThreatThursday - menuPass with special guest Shane Patterson

For this #ThreatThursday is menuPass! Tim Schulz caught up with Shane Patterson to discuss MITRE Engenuity's plan release, challenges in creating emulation plans, and what makes this threat unique!

VIEW

Blog Post

New!

January 19, 2021

Why you should embrace Purple Team today

We are not introducing a new job role where you have to hire more people or have to spend more money. See, a purple team is a virtual, functional team that fosters collaboration and efficiency in testing, measuring, and improving your current cyber security people, process, and technology (security controls).

VIEW

CISO Stressed

New!

January 8, 2021

Leveraging Resources When Chock Full of Challenges.

Elizabeth Wharton interviews Guest Mitch Parker, Exec. Dir./CISO at Indiana University Health. Healthcare security is present on all of our minds these days. The security and medical communities are working together towards the same goal: protecting the people. You may be wondering, what does that look like in today’s world?

VIEW

Blog Post

New!

December 30, 2020

Red Team and Threat-Led Penetration Testing Frameworks

We are presenting a curated list of all Red Team Frameworks in a central, easy to find location. Leveraging frameworks and methodologies for offensive security assessments is a best practice to show your customers and clients you have a repeatable, professional offering.

VIEW

See All Posts

let our tech speak for itself

Know where you stand with SCYTHE. Talk to us to start the evaluation process today! We’d love to talk to you about how SCYTHE can fit into your cybersecurity workflow.

Contact Us

LEARN MORE

COMPANY
Contact UsCareersLibraryNews & Events
SCYTHE USE CASES
Red TeamBlue TeamPurple Team
Get In Touch!

Privacy Notice