Blog
During a recent conversation, a friend had mentioned that they saw Cobalt Strike as a post-exploitation only tool. This strikes me as a little odd.
Post-Exploitation Only (Not Really)
Blog
In Season 1, Episode 5 of Battlestar Galactica, Lieutenant Kara Thrace finds herself marooned on a barren planet with a crashed Cylon Raider. To get
Blog
I’ve written about infrastructure for red team operations before. Infrastructure are the servers, domains, and other assets that support your ongoing operation against a target
Blog
The release of Cobalt Strike 3.0 also saw the release of Advanced Threat Tactics, a nine-part course on red team operations and adversary simulations. This
Blog
Cobalt Strike 3.0 is coming in a few weeks. This upcoming release is the result of a large engineering effort that paralleled my existing efforts
Blog
BlackHat is about to start in a few days. I think this is an appropriate time to share a non-technical, business only post. There is
Blog
One of my favorite blog posts last year was Adversary Tricks and Treats from CrowdStrike. In this post, CrowdStrike details the tradecraft of an actor
Blog
Recently, I had an email from someone asking for a call to discuss different models of red team operations. This gentlemen sees his team as
Blog
I’m spending a lot of time with mimikatz lately. I’m fascinated by how much capability it has and I’m constantly asking myself, what’s the best
Blog
I regularly hear stories from my users about how they got past a tough situation and had success that they claim was not possible without