Logo Loading

Cyber Wonderland

 

What do you get when a bunch of security professionals sit around and talk about a heap of topics, undertake a heap of research and want to publish cool vulnerabilities in one spot and don’t think the blog is the right place? You fall down the rabbit hole into the Cyber Wonderland.

This is the area of Triskele Labs that you can fall down pretty easily. It is where we post super techy blogs, research topics and videos on vastly different topics. If you want to see us chat about something or research a topic, let us know.

Extracting your AWS Access Keys through a PDF file

MicroStrategy SSRF through PDF Generator (CVE-2020-24815)  The Portable Document Format (PDF) was first developed in 1993 and since then, PDF files have gained widespread adoption, becoming the de facto standard for document publishing. It was only natural that developers followed the trending popularity and nowadays it is common for applications to allow you to export documents to a PDF file. At first glance, this functionality may seem harmless; something which you might not spare too much thought. […]

AWS Access Keys

Kerberoasting: Like Willy Wonka and his Golden Ticket but with more 3 headed dogs

During a recent Red Team engagement, Triskele Labs was able to compromise a Domain Controller (DC) in a client environment. As most readers will know, at this point, it’s game over. If a DC is compromised by a real-world adversary, the recommendation of course must be made to rebuild the entire network, including the Active Directory (AD) infrastructure. However, this is a huge process that could take several […]

Cybeers – Security vs Usability

The team talk about how security can impact usability and vice versa.

multi-factor authentication