Red Team Reading

Find the latest content from the Sprocket Testing Team. Topics include bleeding edge testing, webinars, findings and more!

Red Team Reading

Zip Slip Exploitation in File Uploads with Hackvertor

Custom Tags are one of Hackvertor's most powerful features. They allow you to run Python, Java, or JavaScript with a one-liner inside any Burp request. In this blog post, we will discuss performing Zip Slip testing with… read more →

Patch Diffing CVE-2024-3400 from a Palo Alto NGFW Marketplace AMI

One of the needs during CVE-2024-3400 testing was the ability to test against a live non-production vulnerable instance. We opted for the Palo Alto NGFW AWS Marketplace AMI. read more →

From Twitter to Exploit: The Sprocket Security Lifecycle of Exploitation

Our approach to mass exploitation of the latest and greatest vulnerability. On the chopping block, this time around: CVE-2024-3400. read more →

Surfacing the Invisible Web Application Attacks and Attack Surface Management

Watch for an insightful webinar as Will merges the worlds of web application penetration testing and Attack Surface Management (ASM) data. Using examples from real life penetration tests, he will demonstrate some of the… read more →

Lessons Learned: Physical Penetration Testing

Watch for an engaging and informative exploration of Physical Penetration Testing (PPT) with Nate Fair, a Penetration Tester at Sprocket Security! In this session, Nate will cover the complexities of PPT, sharing… read more →

Halloween Hack-O-Lantern: Spooky Tales from the Dark Side of Authentication

Uncover the eerie secrets of authentication in our upcoming Webinar, "Halloween Hack-O-Lantern: Spooky Tales from the Dark Side of Authentication." Join us as we explore authentication bypass, from ghostly vishing calls… read more →

Continuous Human & Automated Security

The Expert-Driven Offensive
Security Platform

Continuously monitor your attack surface with advanced change detection. Upon change, testers and systems perform security testing. You are alerted and assisted in remediation efforts all contained in a single security application, the Sprocket Platform.

Watch Demo Request Quote

Expert-Driven Offensive Security Platform

  • Attack Surface Management
  • Continuous Penetration Testing
  • Adversary Simulations