The Hacking Lab

🦖 Meet RAPTR: our new open source platform for red and purple team collaboration. Plan engagements, document attacks and detections, evaluate results, and generate reports, all API-driven. Beta is live, feedback welcome! #PurpleTeam blog.compass-security.com/2026/05/introd…

The final part of our Entra ID blog series looks at common Conditional Access weaknesses, practical attack scenarios, and how to identify such issues with EntraFalcon. blog.compass-security.com/2026/04/common…

🏃‍♂️Time for a security workout. Sanitas is launching its #bugbounty program and inviting ethical hackers to help keep its digital healthcare services in peak condition. Hunt vulnerabilities and help protect critical healthcare systems: bugbounty.compass-security.com/bug-bounties/s…

Foreign enterprise apps can expose your Entra ID tenant. Today, we release part 1 of our 4-part weekly series on common Entra ID pitfalls and how to detect them with EntraFalcon. Learn how external apps can lead to data access or worse: blog.compass-security.com/2026/03/common…

Unprotected groups in Entra ID can lead to privilege escalation. Part 2 of our 4-part series shows how weakly protected groups can be abused to bypass controls, gain privileged access, and lead to full compromise—and how to detect this with EntraFalcon: blog.compass-security.com/2026/03/common…

EntraFalcon update 🚀 The new Security Findings Report turns Entra ID enumeration into actionable findings with 60+ checks and color charts. Read the blog post of Chrigi @ZH938472 and try the tool now on your tenant! blog.compass-security.com/2026/03/from-e… #EntraID #CloudSecurity #EntraFalcon

WinGet can be more than a package manager. We show how .winget configs + a self-referencing LNK become a viable initial access payload when Microsoft Store is enabled. Includes detection queries & mitigation tips. blog.compass-security.com/2026/03/winget… #RedTeam #Windows #LOLBins #InitialAccess

John Ostrowski (Compass Security) and Manuel Kiesel (Cyllective AG) worked together on CVE-2025-13154, a Lenovo Vantage LPE. Even after Microsoft closed a known primitive, collaboration led to a working PoC. blog.compass-security.com/2026/02/from-f… #Windows #CVE #SecurityResearch #PrivEsc

In a new video, Nicolò Fornari walks through how to fuzz with AFL++, how to pick targets, avoid common pitfalls, and boost effectiveness. Find performance tips, fuzzing theory, and AFL++ internals. youtu.be/L5Tin7m5sbE?si… #security #fuzzing #AFLplusplus #appsec

NTLM relay works against HTTPS if channel binding is missing. Our new blog post explains why, shows how tooling evolved, and highlights defensive measures. blog.compass-security.com/2025/11/ntlm-r…

Learn about a FortiProxy Domain Fronting Protection bypass discovered by our analyst @emanuelduss . Details in the advisory: compass-security.com/en/news/detail… Curious how web filters are evaded? Read his blog series: blog.compass-security.com/2025/03/bypass… #cve #pentest #bypass

The leaked LockBit chats give a rare inside look at ransomware ops. Read our blog for an analysis and lessons for defenders: blog.compass-security.com/2025/10/lockbi… #CyberSecurity #Ransomware #LockBit

NIS2 means stricter rules and steep fines. Penetration testing is key to proving compliance & improving security, uncovering flaws before attackers do. Our latest blog explains why you need it now: blog.compass-security.com/2025/09/ensuri… #CyberSecurity #NIS2 #Pentesting

The final episode of our Kerberos deep dive is live! RBCD opens new attack paths in Kerberos. Learn how misconfigs enable privilege escalation and how to defend. youtu.be/l97RDnzdrXY?fe… #Kerberos #ActiveDirectory

Episode 5 of our Kerberos deep dive is live. Constrained delegation isn’t bulletproof. See how attackers exploit it, and how to defend with monitoring & best practices. youtu.be/rnhr02eKU0I?si… #Kerberos #ActiveDirectory

Episode 4 of our Kerberos deep dive is live. Unconstrained delegation can expose critical credentials. Learn how attackers abuse it. And how to lock down your systems. youtu.be/_6FYZRTJQ-s?fe… #Kerberos #ActiveDirectory

Episode 3 of our Kerberos deep dive is live. AS-REP Roasting abuses accounts without pre-auth. Learn the risks, how attackers exploit it, and how to defend. youtu.be/56BjmyOTN5o?fe… #Kerberos #ActiveDirectory

We use James Kettle’s (@albinowax) Burp extension Collaborator Everywhere daily. Now our upgrades are in v2: customizable payloads, storage, visibility. Perfect for OOB bugs like SSRF. Find out more here: blog.compass-security.com/2025/09/collab… #AppSec #BurpSuite #Pentesting

Episode 2 of our Kerberos deep dive is live. Kerberoasting lets attackers steal AD service account credentials. See how it works and how to protect your systems: youtu.be/PhNspeJ0r-4?fe… #Kerberos #ActiveDirectory

Kerberos powers auth in Windows and hides big security risks. We’re launching a 6-part deep dive: from protocol basics to attacks plus how to stop them. Starts today → blog.compass-security.com/2025/09/taming… → Subscribe to our channel! #Kerberos #ActiveDirectory