This will be my two cents on helping people obtain a foothold in the infosec industry. This post might get pretty lengthy, so grab a…
for red teamers, by red teamers
This will be my two cents on helping people obtain a foothold in the infosec industry. This post might get pretty lengthy, so grab a…
Sometimes, maldocs don’t really need to do anything malicious. You might just want to create awareness and just send a request to a webserver. In…
Earlier this week I released a tool based on the work of Wietze Beukema called TrustJack and promised to write a short blogpost about it…
If you ever wrote C# tools and wanted to execute them using Execute-Assembly, chances are that you have encountered entrypoint errors. They look like this:…
If you ever made a program in C#, or are planning to do so, there is a chance that you’ve used NuGet packages to make…
A few weeks ago, I noticed a cool post: https://ired.team/offensive-security/credential-access-and-credential-dumping/credentials-collection-via-creduipromptforcredentials This seemed like an interesting approach to potentially provide a “final shot” when you are…
Were you ever on an engagement where you’ve noticed that the targets are using password managers? Usually password managers work by copying the password over…