Innogen security


Testing SSL Cipher Suites

July 12, 2017

Just wanted to share the following script which has been amazingly helpful on recent tests in order to validate the ssl handshakes and use the output detail in the log file to go away and analyse for any know vulnerabilities. NOTE: innogen did not write this and cant exactly remember who the original author was? so if you know ping us and we will update the code to thank the …   [...]


Phishing via inbox Rules

June 21, 2017

During a recent pentest on a small business, gains into the client network were made via a flaw in the customers public website; however once innogen managed to traverse from the webserver to an internal employee host it became clear that there was some work to be done in order to escalate to a more trusted user account. After a day of looking at escalation areas via internal services and appli…   [...]