Windows Access Tokens and Alternate Credentials
I’d like to call your attention to the humble runas.exe program on Windows. This program allows a Windows user to spawn another program with another
WinRM is my Remote Access Tool
One of my favorite blog posts last year was Adversary Tricks and Treats from CrowdStrike. In this post, CrowdStrike details the tradecraft of an actor
WRCCDC – A Red Team Member’s Perspective
Western Regional CCDC was pretty epic. Given the level of interest in red activity, I’d like to share what I can. So much happened, I
Writing Beacon Object Files: Flexible, Stealthy, and Compatible
Our colleagues over at Core Security have been doing great things with Cobalt Strike, making use of it in their own engagements. They wrote up