Compass Security Blog

Offensive Defense

Compiling a Mimikatz Module for Dumping Citrix Credz

Sometimes, the good old credential dumping techniques just won’t work. This is the story of how a bad actor could dump credentials on a fully-patched, monitored and hardened workstation.

Continue reading

Compass Incident Handling and Forensics Number Crunching

The anonymous data on our cases allows us to answer the question “What is a typical DFIR case at Compass Security?” and we conclude its the analysis, containment, eradication and recovery of one or a few devices in a Windows domain which is probably no surprise :)

Continue reading

Level-up your Detection Game

Red Teaming exercises are getting popular with the growth of security operations centers. These attack simulations aim to help companies improve their defenses and train the blue team. But solid foundations are necessary to get the most of such an exercise.

Continue reading