Why the pentesting playbook doesn’t fit: belief, assumptions, and non-determinism

Document information. Series: Securing AI systems without overconfidence or fear; Post: 1 of 5; Title: Why the pentesting playbook doesn’t fit: belief, assumptions, and non-determinism; Date: March 2026; Author: Hussein Bahmad (NVISO); Reading time: ~12 min; Version: 1.0. Post 1 of 5 - Securing AI systems without overconfidence or fear. This is the first of … Continue reading Why the pentesting playbook doesn’t fit: belief, assumptions, and non-determinism

Stop Hardcoding Passwords

A Deep Dive into CyberArk’s Central Credential Provider (CCP). Introduction: Hardcoded credentials are still among the most critical and overlooked security flaws in modern software development. From leaked Git repos to reverse-engineered binaries, static passwords are easy targets. They also make rotation and access control almost impossible. Enter CyberArk’s Central Credential Provider (CCP): a secure, centralized … Continue reading Stop Hardcoding Passwords

Refinery raid

Introduction; Purpose of the blogpost; What is Labshock?; What Will We Do?; Setting Up the Virtual Oil Plant; Create Your Environment; Install Labshock; Docker; Download & build Labshock; Starting Labshock; Conducting the Hack; Step 1: Reconnaissance; Step 2: Explore the PLC & SCADA; Step 3: Find the correct IP; Step 4: Interact with Modbus (Read Data); Modbus; Coils & Registers; Pump 1 & 2; Step 5: Hack the Pumps (Write Data); Hack the pump … Continue reading Refinery raid

Tracking historical IP assignments with Defender for Endpoint logs

A new incident comes in. The CEO’s laptop shows possible Cobalt Strike activity. Your host investigation shows that the attacker likely gained privileged access to her host and the initial activity is from two days ago. You contain the host in your EDR agent. But now you must determine if the attacker moved laterally inside … Continue reading Tracking historical IP assignments with Defender for Endpoint logs

Attack and Defense in OT: Enhancing Cyber Resilience in Industrial Systems with Red Team Operations

In today's rapidly evolving industrial landscape, securing Operational Technology (OT) is more critical than ever due to increased connectivity and sophisticated cyber threats. Throughout this blog post series, we will dive into the world of Operational Technology Security. This edition of the series focuses on how Red Team assessments can assist companies in identifying and … Continue reading Attack and Defense in OT: Enhancing Cyber Resilience in Industrial Systems with Red Team Operations

Wake up and Smell the BitLocker Keys

Many enterprise laptops use BitLocker to provide full disk encryption (FDE) to protect sensitive data from exposure if the laptop were stolen. But how adequate is the default implementation of BitLocker to protect data at rest in this scenario? The security of all encryption relies on protection of the key material. A common assumption is … Continue reading Wake up and Smell the BitLocker Keys