Technical deep-dives, threat intelligence, and industry analysis from the XDepthSense research team. Real findings. No vendor fluff.
A deep-dive into modern Active Directory attack chains that go beyond Kerberoasting — covering ACL abuse, constrained delegation attacks, cross-forest trust exploitation, and RBCD techniques that bypass traditional defences.
Read Article →Analysis of twenty distinct IAM privilege escalation vectors observed during real-world cloud assessments in 2024, including novel paths through Lambda execution roles, OIDC federation, and cross-service confusion attacks.
Read Article →Electronic Chart Display and Information Systems have become critical navigation infrastructure on modern vessels — yet most run outdated operating systems, accept USB media without scanning, and connect directly to ship management networks. An assessment of the real attack surface.
Read Article →Industrial protocols were designed for reliability, not security. This research documents real attack scenarios against Modbus TCP, DNP3, and IEC 61850-based substations — including packet crafting techniques and the devastating potential of unauthenticated command injection.
Read Article →Physical security testing is often overlooked in favour of digital assessments — but a tailgating attempt or USB drop can bypass million-dollar security stacks. This guide covers reconnaissance, bypass techniques, and reporting for physical engagements.
Read Article →Lambda functions are deceptively complex attack surfaces. This research covers event injection, execution role abuse, layer supply chain attacks, and the emerging threat of cross-function data leakage through shared execution environments.
Read Article →Our team actively researches threats so your security posture stays ahead of the curve. Work with practitioners who do the research, not just read about it.