I share a lot from my experiences playing on exercise red teams. I talk about the tactics to collaborate, persist on systems, and challenge network defenders in an artificial environment. Armitage was built for this role. I speak little about my experience working as a penetration tester. I used to work for a security consulting firm […]
Cornerstone: Announcements
Dirty Red Team Tricks II at Derbycon 2.0
Last year, I spoke on Dirty Red Team Tricks at Derbycon. This talk was a chance to share what I had used at the Collegiate Cyber Defense Competition events to go after student networks. During this talk, I emphasized red team collaboration and our use of scripts to automatically own Windows and UNIX systems. I […]
Cobalt Strike Video Review
Ryan Linn created a video review of Cobalt Strike for the Ethical Hacker Network. Unfortunately, I can’t embed the video into the blog post, but I encourage you to check it out. It’s 20 minutes with a well-regarded expert taking Cobalt Strike through its paces. Overall, I enjoyed getting to learn Cobalt Strike. It’s a new release, and […]
Meet Cobalt Strike: Adaptive Pen Testing
If you’re reading this, you’re likely aware of the Armitage project. Fed by your enthusiasm and feedback, Armitage has enjoyed a rapid pace of development since its inception. I left a security engineer role one year ago to search out how to properly nurture this project and its ideas going forward. This search led to […]