Final part of the series! We now have the power to determine the architecture of remote processes, how exciting! /sarcasm
for red teamers, by red teamers
Part 2 of how to use the power of C for funzies, not profit
In this blogpost series, we dive into the C!
Serverless functions are nothing new: AWS Lambda functions have existed since 2014 and Microsoft followed in 2016. However, for many of us it’s still a magic box…
Two days ago this tweet from vxunderground saw the light: Being a red teamer, this obviously piqued my interest, as evading EDRs is kinda what I…
Yesterday I was browsing the interwebs and this article from Fortinet caught my eye: https://www.fortinet.com/blog/threat-research/signed-sealed-and-delivered-signed-xll-file-delivers-buer-loader This immediately piqued my interest, as we are treating XLL…
A little while ago, I wrote a blog post called “So you want to be a pentester and/or red teamer?” . This post was pretty…
In the light of the fairly recent NOBELIUM ransomware and through some red team experience of my own, I figured it was time to release…
DInvoke’s injection API: If you have been following me around for a while, you know I’m a super fanboy of @TheRealWover’s work, and the D/Invoke…
During engagements, oftentimes you want to remain in memory as much as possible. In some edge cases however, you might need to drop something…
In this blogpost we dive a little deeper into the world of reflection in order to bypass the constraints of Cobalt Strike’s execute-assembly. As a bonus, we also briefly touch on how to invoke C# assemblies from within PowerShell.
Preamble: As a cybersecurity professional and/or red teamer, you might find yourself inside the physical perimeter of your client. This could be because you are…
If you’re following me on any of my social media you might already have spotted that I have released some Ansible roles lately. These Ansible…