Models for Red Team Operations
Recently, I had an email from someone asking for a call to discuss different models of red team operations. This gentlemen sees his team as
Missing in Action: Armitage on Kali Linux
As you may know, the highly anticipated Kali Linux is now available. If you’ve fired it up, you may notice it’s missing a familiar tool.
Migrating Your Infrastructure
I’ve written about infrastructure for red team operations before. Infrastructure are the servers, domains, and other assets that support your ongoing operation against a target
Meterpreter Kiwi Extension: Golden Ticket HOWTO
Mimikatz is a rapidly evolving post-exploitation toolkit by Benjamin Delpy. I call it a post-exploitation toolkit because it has a lot of features, far beyond
Metasploit 4.6 – Now with less Open Source GUI
Last week, I received an email from Tod B. at Rapid7 stating that the next binary installer of Metasploit would ship without Armitage and msfgui.
Meet Cobalt Strike: Adaptive Pen Testing
If you’re reading this, you’re likely aware of the Armitage project. Fed by your enthusiasm and feedback, Armitage has enjoyed a rapid pace of development
Map of Cobalt Strike Features for Armitage Users
I wrote Cobalt Strike and I take it for granted that my users know where things are. This doesn’t come from nowhere though. The users
Manage Cobalt Strike with Services
This post is part of a “Quality of Life” series, where tips and tricks will be shared to make using Cobalt Stike easier. Cobalt Strike
Man-in-the-Browser Session Hijacking
Malware like Zeus and its variants inject themselves into a user’s browser to steal banking information. This is a man-in-the-browser attack. So-called, because the attacker
Listeners: Cobalt Strike’s Glue Feature
Listeners are Cobalt Strike’s abstraction in front of the Metasploit Framework’s payload handlers. A handler is the exploit/multi/handler module. This module sets up a server that