Blog

Blog

Malware like Zeus and its variants inject themselves into a user’s browser to steal banking information. This is a man-in-the-browser attack. So-called, because the attacker

Blog

Cobalt Strike 1.48 – Peer-to-peer C&C

I’m pleased to announce Cobalt Strike 1.48. This release introduces a peer-to-peer data channel for Beacon, improves browser pivoting, and updates the signed applet attack with

Blog

Schtasks Persistence with PowerShell One Liners

One of my favorite Metasploit Framework modules is psh_web_delivery. You can find it in exploits -> windows -> misc. This module starts a local web

Blog

Tradecraft – Red Team Operations Course and Notes

A few days ago, I posted the YouTube playlist on Twitter and it’s made a few rounds. That’s great. This blog post properly introduces the

Blog

Email Delivery – What Pen Testers Should Know

I get a lot of questions about spear phishing. There’s a common myth that it’s easy to phish. Start a local mail server and have your hacking

Blog

What’s in a Team Server?

Clients (like Armitage) interface with the Metasploit Framework through its Remote API. The Remote API is a way for clients to call functions in the

Blog

Armitage and Cobalt Strike 1.47 Released

Armitage and Cobalt Strike 1.47 are now available. This release improves many aspects of the workflow in both Armitage and Cobalt Strike. Here are some

Blog

Red Team Data Collection

In 2011, I participated in an exercise. The exercise ran for 60 hours straight, forcing the red team to work in shifts. The event was

Blog

DNS Command and Control Added to Cobalt Strike

Many networks are like sieves. A reverse TCP payload or an HTTP/S connection is all it takes to get out. Once in a while, you

Blog

Telling the Offensive Story at CCDC

The 2013 National CCDC season ended in April 2013. One topic that I’ve sat on since this year’s CCDC season ended is feedback. Providing meaningful and

Applied Filters

Sort

Applied Filters

Topic

Author

Subscribe to the Blog

Footer Menu 1

Footer Menu 2

Footer Menu 3

Footer Menu 4

Footer Menu 5

Contact Information

Privacy Policy

Cookie Policy

Terms of Service

Impressum