Pen Test Partners

You can pen test OT networks without breaking them

TL;DR  Introduction   There is a widely held belief that penetration testing Operational Technology networks is impossible.
Pen Test Partners

BSidesHBG 2026

Pwning web sites through their AI chatbot agents and politely breaking guard rails ...
pentestpartners.com

PTP Cyber Fest 2026

Built on five years of hands on, community led events, it has grown into something a bit different from the usual cyber event. More practical. More interactive. More time with the people doing the ...
pentestpartners.com

SweetPotato – Service to SYSTEM

I’ve had a keen interest in the original RottenPotato and JuicyPotato exploits that utilize DCOM and NTLM reflection to perform privilege escalation to SYSTEM from service accounts. The applications ...
pentestpartners.com

eyeDisk. Hacking the unhackable. Again

Last year, about the time we were messing around with a virtually unheard-of hardware wallet we got a bit excited about the word “unhackable”. Long story short, I ended up supporting a selection of ...
pentestpartners.com

Taming the dragon: reverse engineering firmware with Ghidra

I stumbled into infosec the same year the NSA graced us with Ghidra. It’s by far become the most used tool in my arsenal for reverse engineering and vulnerability research. It’s free, extensible, and ...
pentestpartners.com

Reverse Engineering a 5g ‘Bioshield’

Six months ago the UK’s Glastonbury Town Council set up a 5g Advisory Committee to explore the safety of the technology, and last month the local paper reported their findings. This statement is in ...
pentestpartners.com

Z-Shave. Exploiting Z-Wave downgrade attacks

TL;DR: Stronger S2 Z-Wave pairing security process can be downgraded to weak S0, exposing smart devices to compromise. Z-Wave uses a shared network key to secure traffic. This key is exchanged between ...
pentestpartners.com

Fully segregated networks? Your dual-homed devices might disagree

When we carry out security assessments in Operational Technology (OT) and Industrial Control System (ICS) environments, one thing that often stands out is the use of dual-homed devices. In this blog ...
pentestpartners.com

Cyber threats to shipping explained

The events in Baltimore earlier this year brought maritime cybersecurity into the spotlight. Initial outlandish claims asserted that the MV Dali was certainly hacked, whilst others made the equally ...
pentestpartners.com

Bypassing MFA on Microsoft Azure Entra ID

On a recent Red Team engagement we got Domain Admin privileges on the on-premises Active Directory (AD) network. But we had not yet gained access to their cloud estate, which was hosted in Azure. Our ...
pentestpartners.com

Living off the land, AD CS style

Unless you have been living under a rock for the last year or so, Active Directory Certificate Services (AD CS) abuse continues to be a hot topic in offensive security, ever since the excellent ...