In this blogpost we dive a little deeper in the world of reflection in order to bypass the constraints of cobalt-strike’s execute assembly. As a bonus we also briefly touch how to invoke C# assemblies from within powershell
Preamble: As a cybersecurity professional and/or red teamer, you might find yourself inside the physical perimeter of your client. This could be because you are…
If you’re following me on any of my social media you might already have spotted that I have released some Ansible roles lately. These Ansible…
Intro + Use cases Recently, I posted a blogpost over at NVISO’s blog about hiding data in JPEG’s. After the blog post was written, I…
This will be my two cents on helping people obtain a foothold in the infosec industry. This post might get pretty lengthy, so grab a…
Sometimes, maldocs don’t really need to do anything malicious. You might just want to create awareness and just send a request to a webserver. In…
Earlier this week I released a tool based on the work of Wietze Beukema called TrustJack and promised to write a short blogpost about it…
If you ever wrote C# tools and wanted to execute them using Execute-Assembly, chances are that you have encountered entrypoint errors. They look like this:…
If you ever made a program in C#, or are planning to do so, there is a chance that you’ve used NuGet packages to make…
A few weeks ago, I noticed a cool post: https://ired.team/offensive-security/credential-access-and-credential-dumping/credentials-collection-via-creduipromptforcredentials This seemed like an interesting approach to potentially provide a “final shot” when you are…
