by bluescreenofjeff | Jul 26, 2016 | Tutorial - Red Team
Parsing data is a fundamental ability that anyone serious about information security should consider putting time and effort into understanding. It can mean the difference between spamming Ctrl+F in a text editor and pulling out exactly what you need with a Bash...
by bluescreenofjeff | Jun 28, 2016 | Tutorial - Red Team
Imagine you are performing a Red Team engagement. So far it’s been very hard, fighting tooth and nail to get each step closer to totally owning their network. You finally get internal network access and things are stable. Everything looks good on your end, but on the...
by bluescreenofjeff | May 24, 2016 | Tutorial - Red Team
Six weeks ago I had the opportunity to Red Team for Pacific Rim CCDC. I love doing this competition because it gives me a chance to do things one would never be allowed to do on a real network and it forces me to think about a different set of problems than a pentest or...
by bluescreenofjeff | May 10, 2016 | Tutorial - Red Team
On more than a few occasions phishing recipients have forwarded my phish to IT. The first indication is usually when I’m watching the access logs like a hawk and see multiple GET requests with a user’s token, yet haven’t received any credentials or beacon sessions....
by bluescreenofjeff | Apr 26, 2016 | Tutorial - Red Team
Any phishing campaign involving an active incident response element usually requires some evasive steps to prolong its longevity. This often includes being stealthier, performing anti-forensics actions, or avoiding certain tradecraft altogether. Phishing is no...