Cyber Security Blog | 8com Research

The latest findings of our pentesters

Beitrags-Filter

A short Introduction to BloodHound Custom Queries

28.01.2025

In this post, we’ll present custom BloodHound queries to find real-world vulnerabilities and misconfigurations. Active Directory plays a very important role in our Corporate Network penetration tests. In many of our tests we manage to compromise the target domain in a short time.

Automating parts of Active Directory pentests with BloodHound CE

21.08.2023

BloodHound is one of the essential tools for every Penetration Tester and Red Teamer and with the new release of BloodHound CE, BloodHound got some very nice and useful improvements. This blog post will show some examples on how the underlying database or the new API can be used to automatically find many basic weaknesses in an Active Directory environment.

smarttimeplus Vulnerability Disclosure

09. Februar 2023

smarttimeplus is a time tracking software by NovaCHRON. It was vulnerable to an authentication bypass and still has multiple authorization flaws.