Modern Defenses and YOU!
Part 9 of Advanced Threat Tactics covers a lot of my thoughts on evasion. The ideas in that lecture are still relevant, the defenses discussed
Models for Red Team Operations
Recently, I had an email from someone asking for a call to discuss different models of red team operations. This gentlemen sees his team as
Missing in Action: Armitage on Kali Linux
As you may know, the highly anticipated Kali Linux is now available. If you’ve fired it up, you may notice it’s missing a familiar tool.
Migrating Your Infrastructure
I’ve written about infrastructure for red team operations before. Infrastructure are the servers, domains, and other assets that support your ongoing operation against a target
Meterpreter Kiwi Extension: Golden Ticket HOWTO
Mimikatz is a rapidly evolving post-exploitation toolkit by Benjamin Delpy. I call it a post-exploitation toolkit because it has a lot of features, far beyond
Metasploit 4.6 – Now with less Open Source GUI
Last week, I received an email from Tod B. at Rapid7 stating that the next binary installer of Metasploit would ship without Armitage and msfgui.
Meet Cobalt Strike: Adaptive Pen Testing
If you’re reading this, you’re likely aware of the Armitage project. Fed by your enthusiasm and feedback, Armitage has enjoyed a rapid pace of development
Me, Myself and AI: Internal Experiments with the CS REST API
This blog is all about experimenting and having fun with the new CS REST API and the generative AI ecosystem. We’ll demonstrate how we used
Map of Cobalt Strike Features for Armitage Users
I wrote Cobalt Strike and I take it for granted that my users know where things are. This doesn’t come from nowhere though. The users
Manage Cobalt Strike with Services
This post is part of a “Quality of Life” series, where tips and tricks will be shared to make using Cobalt Stike easier. Cobalt Strike