Red Team. Posted on September 18, 2014 (May 3, 2022)
The Post Exploitation Team
I often get asked about red team skills and training. What should each team member know how to do? For exercises or long running attack

Red Team. Posted on September 9, 2014 (September 26, 2022)
Infrastructure for Ongoing Red Team Operations
Recently, I’ve had several questions about how to set up infrastructure for long running red team operations with Cobalt Strike. This is an ideal use

Red Team. Posted on August 14, 2014 (September 26, 2022)
Puttering my Panda and other Threat Replication Case Studies
Cobalt Strike 2.0 introduced Malleable C2, a technology to redefine network indicators in the Beacon payload. What does this mean for you? It means you

Red Team. Posted on July 30, 2014 (April 26, 2023)
Pass-the-Golden-Ticket with Cobalt Strike’s Beacon
Back in May, I wrote up some impressions about Meterpreter’s Kiwi extension. It’s Mimikatz 2.0, complete with its ability to generate a Kerberos “Golden Ticket” with

BOF, Red Team. Posted on July 24, 2014 (May 3, 2022)
Use Cobalt Strike’s Beacon with Veil’s Evasion
The Veil Framework is a collection of red team tools, focused on evading detection. The Veil Evasion project is a tool to generate artifacts that

Red Team. Posted on July 16, 2014 (May 3, 2022)
Cobalt Strike 2.0 – Malleable Command and Control
I define threat replication as a penetration test that looks like an attack from an APT actor. Assessments that involve threat replication are more than

Red Team. Posted on June 18, 2014 (September 26, 2022)
The Access Management Team [Shell Sherpas]
When I participate in an exercise, with multiple target networks and a large red team, I favor splitting the team up into cells. Each cell

Red Team. Posted on June 5, 2014 (May 3, 2022)
The Beachhead
I see egress as one of the biggest pains in the offensive space. If your target has zero egress controls—don’t worry about anything I have

Red Team. Posted on April 30, 2014 (September 26, 2022)
Covert Lateral Movement with High-Latency C&C
High latency communication allows you to conduct operations on your target’s network, without detection, for a long time. An example of high-latency communication is a

Red Team. Posted on April 11, 2014 (May 3, 2022)
Survival Skills for Small Infosec Vendors
Information Security is a strange field. There are probably few professions with such a wide range of social skills and preferences as the information security