by antennatheory | Aug 9, 2016 | Tutorial - Red Team
Tunnels are simple tools that can help you evade walls and filters. Consider a wall that selects traffic based on logical rules. If you can encapsulate your traffic in a way that agrees with the filtering rules, your traffic will pass inspection and flow through. Use...
by bluescreenofjeff | Jul 26, 2016 | Tutorial - Red Team
Parsing data is a fundamental ability that anyone serious about information security should consider putting time and effort into understanding. It can mean the difference between spamming Ctrl+F in a text editor and pulling out exactly what you need with a Bash...
by Sw4mp_F0x | Jul 19, 2016 | Tutorial - Red Team
Introduction and Intent Since watching FireEye FLARE’s 'WhyMI So Sexy?' at Derbycon last September, I have wanted to better understand WMI Events and apply them to offensive security operations. I saw the potential, but my comprehension was lacking and a comprehensive...
by Tyler Butler | Jul 12, 2016 | Tutorial - Red Team
Over the years, I have seen many penetration test reports that heavily rely on the results of a vulnerability scanner such as Nessus or Qualys. While vulnerability scans are a critical component of a functional security program and are often included in security...
by bneg | Jul 5, 2016 | Tutorial - Red Team
Let's say you've successfully phished a client, and now have an Empire agent on a victim computer. Congratulations! Establishing an initial foothold on a network, with either a .hta link or an office macro (excellent write-up using this method by @enigma0x3), is one...
by bluescreenofjeff | Jun 28, 2016 | Tutorial - Red Team
Imagine you are performing a Red Team engagement. So far it’s been very hard, fighting tooth and nail to get each step closer to totally owning their network. You finally get internal network access and things are stable. Everything looks good on your end, but on the...
