Contact Horizon3.ai

Horizon3.ai’s mission is to help you find and fix attack vectors before attackers can exploit them. Contact us now for a quote or if you have any questions.

Looking for more H3 content?

Tech Talk: An Attacker's Journey - Becoming an Ethical Hacker

Part IV - NTLM Relay

Wed, May 25, 2022 | 2:00 PM – 3:00 PM EDT

Noah King, one of Horizon3's front-end developers, is inviting you into his experience as he learns to be an expert at ethical hacking. In each session, Noah will be joined by experts from inside and outside Horizon3 who will share in-depth knowledge, experience, and advice from their years of industry and nation-state cybersecurity practice.

Monti Knode, Horizon3.ai’s Director of Customer Success, will be joined by James Stahl, Senior Offensive Security Consultant from our alliance partner Echelon Risk + Cyber, as they guide you and Noah through the attacker's journey.

Over the next few Tech Talks, they will dive deep into common Windows attacks, starting with NTLM Relay. At least half of Horizon3.ai’s internal pentesting clients are vulnerable to NTLM relay attacks. It's the top technique used by pentesters to acquire and use domain user credentials and can ultimately lead to full domain compromise.

Learn how this attack works and how to protect yourself against it!

Attackers Journey Part 4 - Hikers traveling with code fading into the background

Red Team Blog

F5 iControl REST Endpoint Authentication Bypass Technical Deep Dive

by James Horseman | May 9, 2022 | Blog, Red Team

F5 recently patched a critical vulnerability in their BIG-IP iControl REST endpoint CVE-2022-1388. This vulnerability particularly worrisome for users because it is simple to exploit and provides an attacker with a method to execute arbitrary system commands.

« Older Entries

Customer Success Blog

XorDDos sees significant spike in activity

by Matt Phillion | May 24, 2022 | Blog, Customer Success

XorDdos Is continuing to hunt servers with weak passwords. According to a recent post from Microsoft, there’s been a 254% increase in activity from XorDdos – an eight-year-old network of infected Linux machines used for DDoS attacks.

« Older Entries

iAmNodeZero

Hack The Box – Mirai

by NodeZero | Dec 6, 2021 | IAmNodeZero

I exploited the Mirai machine from Hack The Box using the same technique used by the infamous Mirai malware.

« Older Entries

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.