Mike Felch// How to Purge Google and Start Over – Part 1 Brief Recap In part 1, we discussed a red team engagement that went south when the Google SOC joined forces with the SOC of a customer leading to the dismantling of all our compromised accounts, throw-away accounts, and even my work account. My […]
Mike Felch// A Tale of Blue Destroying Red Let me start by sharing a story about a fairly recent red team engagement against a highly-secured technical customer that didn’t end so well for me. Their SOC was well-equipped with sophisticated in-house anomaly detection tools, incredible visibility across the organization, and a tenacious incident response team. […]
Joff Thyer// In this webcast, we talk about the 2020 End of Life for Python2. We address what the short and medium term impacts will likely be. Key language differences will be highlighted with techniques to modify your code to be forward compatible. Download slides: https://www.activecountermeasures.com/presentations/ As a SANS instructor teaching SEC573: Automating Information Security […]
Darin Roberts// IP-Go-Round – Source IP Rotation I was on an engagement recently that was blocking my password sprays based on my IP address. If I made 3 incorrect requests from my IP, I was blocked out from making any other requests for 30 minutes. How annoying is that? It is a great form of […]
In this BHIS podcast, originally recorded as a live webcast, we cover some new techniques and tactics on how to track attackers via various honey tokens. We cover how to track with Word Web Bugs in ADHD, and cover the awesome toolkit from Thinkst. We also cover some of the legal ramifications involved in doing […]
Podcast: Play in new window | Download
In this BHIS webcast, we cover some new techniques and tactics on how to track attackers via various honey tokens. We cover how to track with Word Web Bugs in ADHD and cover the awesome toolkit from Thinkst. We also cover some of the legal ramifications involved in doing this. Download slides: https://www.activecountermeasures.com/presentations/ I am covering this […]
Do your PowerShell scripts keep getting caught? Tired of dealing with EDRs & Windows Defender every time you need to pop a box? In this one-hour podcast, originally recorded as a live webcast, we introduce a somewhat new Red Team approach that we call BYOI (Bring Your Own Interpreter). Download slides: https://www.activecountermeasures.com/presentations/ Turns out, by […]
Podcast: Play in new window | Download
Carrie Roberts//* I have needed to remind myself how to set up RDP access through an SSH connection so many times that I’ve decided to document it here for future reference. I hope it proves useful to you as well. I do “adversary simulation” for work and so I present this information using terms like […]
Take a good look at Bitcoin right now… these are the unlucky ones. These are the unfortunate souls who jumped on another overinflated balloon. But, does this Bitcoin crash completely undermine all blockchain technologies? Since Bitcoin is crashing and burning we figured it would be a good time to have a webcast on blockchain security […]
Podcast: Play in new window | Download
