Labs
We build innovative, sustainable solutions that solve real-world problems for our customers and ourselves.
What is Labs?
Labs is a small team at Praetorian doing big things. Our mission is to reliably build innovative and sustainable solutions that meaningfully solve real-world problems for ourselves and our customers. We're a small team making major impacts on the company and the industry. Our projects vary greatly, from developing new product and service capabilities to meet emerging customer needs to providing subject matter expertise and advise and assist operations to our product, engineering, and services teams.
Nathan Sportsman
CEO, Praetorian
Labs is at the core of Praetorian's next wave of innovation, and our relentless pursuit to solve the cybersecurity problem.
Recent Projects
From product support to building out radical new technologies, we approach projects that align with our company strategy, with the speed and ambition of a startup.
Trident
An automated password spraying toolPassword spraying is not a particularly new or complicated method, but it continues to be used widely by adversaries. As such red team cybersecurity professionals need to test, analyze, and report on this attack vector. Trident was published in late 2020 to give security professionals an easy-to-use, feature-rich tool. Trident functions on multiple cloud platforms, and has extensible code interfaces to adapt the platform to specific use-cases in the future.
View on GithubDo you have a challenging problem you think might be right for Praetorian Labs? Contact Us
-
Chariot by Praetorian
Currently in alpha: Chariot by Praetorian is a truly next generation application security orchestration and automation platform.
Learn more about Chariot -
pentestly
Python and Powershell internal penetration testing framework
View on Github -
trudy
A transparent proxy that can modify and drop traffic for arbitrary TCP connections
View on Github -
pyshell
PyShell makes interacting with web-based command injection less painful, emulating the feel of an interactive shell as much as possible
View on Github
What’s New at Praetorian Labs
What catches our attention? Game changing ideas and advancements with the potential for a 10X impact on the world’s most challenging problems.
What We’re Reading
January 1, 2021Surreptitious Software: Obfuscation, Watermarking, and Tamperproofing for Software Protection: Obfuscation, Watermarking, and Tamperproofing for Software Protection
Not for the faint at heart, but this book offers thorough, scholarly coverage of an area that is growing in importance in cybersecurityChristian Collberg's take on Surreptitious Software: Obfuscation, Watermarking, and Tamperproofing for Software Protection: Obfuscation, Watermarking, and Tamperproofing for Software Protection
-
New campaign targeting security researchers
Google -
Top 10 web hacking techniques of 2020 - nominations open
PortSwigger
Our Writings
-
How to redirect traffic from an incoming TCP port using the Portbender utility
Overview In a previous article titled “Active Directory Computer Account SMB Relaying Attack,” we discussed how an attacker could leverage computers assigned administrative rights to other computers to escalate privileges or move laterally using the printer spooler service. Colloquially we often refer to this as a “Computer AdminTo Computer” vulnerability. Exploiting this issue in practice […]
Read more -
How to Exploit Active Directory ACL Attack Paths Through LDAP Relaying Attacks
Overview This article describes methods by which an attacker can induce a victim user into authenticating using the NT Lan Manager (NTLM) Authentication Protocol to an attacker-controlled “Intranet” site, even in instances where that site points to an external internet-facing IP address. An attacker can then combine this primitive with LDAP relaying capabilities and the […]
Read more -
CIS Controls Version 8 Overview: Bye-Bye “Top 20”
The Center for Internet Security (CIS) has just released Version 8 of their popular security controls. With this version, the “Top 20” moniker has been lost and the list of controls reduced to 18. The Version 8 is a major update to the Safeguards, builds on some of the new features in Version 7.1 (Implementation […]
Read more