Pulse Security is a specialist information security consultancy.
We're here to help your business stay protected from adversaries.
We specialise in finding vulnerabilities and ensuring your systems are operating safely. Find your vulnerabilities before your adversaries.
Our focus is a collaborative and research-based approach to truly understand your vulnerabilities.
We're focused on offensive security, and our internal research program is dedicated to advancing the state-of-the-art.
All engagements follow our comprehensive technical methodologies and quality assurance process.
Our specialist offensive testing services include an extensive range of penetration testing capabilities at the application, network, and physical level.
Complementing our Penetration Testing we also perform network architecture and application review services. Helping your business achieve best practice design and secure-by-default approaches to your infrastructure.
For when things go wrong, our experienced and qualified team will help with getting you back on track.
Stealing an authenticated browser session after compromising a user’s workstation usually means reaching for tools like mimikatz, poking around in DPAPI and monitored browser files, activities that risk triggering EDR. This article demonstrates a quieter alternative: cloning a live browser session to another device using nothing but built-in browser DevTools. No elevated privileges, no third-party tools, no touching disk or memory.
Penetration testing cost is directly correlated to how long an engagement takes to complete. Sometimes the target system or organisation is so vast that a review that achieves what we’d consider “complete” coverage is prohibitively expensive. This article discusses how Pulse Security tackles timeboxed testing engagements. We’ll discuss the problem, how testing is prioritised in an engagement with reduced time-frames, the importance of transparency between penetration testers and clients, and what you can expect from a timeboxed engagement.
Intune device scripts are bits of PowerShell that run on Intune managed devices. Much like Group Policy Objects in traditional Active Directory, these scripts can contain juicy information like secrets, privilege escalation paths, and more. The only problem is Microsoft doesn’t let you get them back out via the Intune portal, and I don’t always want to setup a whole Powershell environment. Let’s get them back out with just a web browser and curl.
How can we help?
+64 4 889 4756
info at pulsesecurity.co.nz