Making “certificate-transparency-go” tools more accessible

While researching the best way to implement the SSL certificate monitoring feature for our Tutela product, we ran across the excellent Certificate Transparency Project. The project aims to "watch the watchers", and provide independent certificate logs to monitor Certificate Authorities. Unfortunately for us, the project API endpoints do not return an easy-to-parse data feed. Instead, … Continue reading Making “certificate-transparency-go” tools more accessible

Penetration Testing Techniques: Conducting effective recon for enhanced phishing (Office 365 edition)

This article describes a typical penetration testing / hacking scenario : gathering as many email addresses of a target company in order to carry out more effective phishing campaigns. Note this is only one possible approach out of many... In this particular example, we're picking on Kaspersky Labs, for no particular reason, just as an … Continue reading Penetration Testing Techniques: Conducting effective recon for enhanced phishing (Office 365 edition)