Windows Event Logs for Red Teams
Tim Fowler // Do you know what could be lurking in your Windows event logs? In May of 2022, I was sent a Threat Post article about a new technique […]
Impacket Defense Basics With an Azure Lab
Jordan Drysdale // Overview The following description of some of Impacket’s tools and techniques is a tribute to the authors, SecureAuthCorp, and the open-source effort to maintain and extend the code. […]
Lessons Learned While Pentesting GraphQL
Sean Verity // GraphQL is one of those technologies that I heard about several years ago but had not encountered during an actual pentest. After reading a blog or two, […]
For Web Content Discovery, Who You Gonna Call? Gobuster!
Melissa Bruno // One of the best early steps to take when testing a network, especially a large one, is to run the tool EyeWitness to gain a quick understanding […]
Phishing Made Easy(ish)
Hannah Cartier // Social engineering, especially phishing, is becoming increasingly prevalent in red team engagements as well as real-world attacks. As security awareness improves and systems become more locked down, […]
Impacket Offense Basics With an Azure Lab
Jordan Drysdale // Overview The following description of some of Impacket’s tools and techniques is a tribute to the authors, SecureAuthCorp, and the open-source effort to maintain and extend the […]
Spoofing Microsoft 365 Like It’s 1995
Steve Borosh // Why Phishing? Those of us on the offensive side of security often find ourselves in the position to test our clients’ resilience to phishing attacks. According to […]
Geopolitical Cyber-Detection Lures for Attribution with Microsoft Sentinel
Jordan Drysdale // Summary! There are tons of security event management (SIEM) solutions available these days, but this blog will focus on Microsoft Sentinel. Sentinel is easy to deploy, logs […]
How to Use Backdoors & Breaches to do Tabletop Exercises and Learn Cybersecurity
Have you heard of Backdoors & Breaches, or even have a deck of your own, and yet… still don’t know how to use it? We created an incident response card […]