Backdoors & Breaches kind of took off. In case you don’t know, Backdoors & Breaches is an Incident Response Card Game to help people better understand the various attacks and defenses used in security today. We have sold out twice on Amazon, given out thousands of copies for free at conferences, and sent 2,000+ free decks to […]
Podcast: Play in new window | Download
Ever wanted to get started in cyber deception? Ever wanted to do it for free? In this BHIS webcast, we will cover some basic, legal, and easy tools/techniques to get you started in working with low interaction honeypots to serve as an early warning of attacks. We will also be sharing a recipe for making […]
Podcast: Play in new window | Download
TL;DR SILENTTRINITY (ST) made the news a few times in July 2019, and I wanted to see what all the fuss was about. This article has enough information to get ST installed, the teamserver operational, and a client connected to the teamserver. Once all that is out of the way, we’ll go for the goods. […]
Marcello Salvati // This fairly lengthy blog post aims at providing Red Team Operators ideas on how to incorporate BYOI tradecraft into their own custom tooling and get those creative malware development juices flowing. This blog post can also serve as a “light” introduction to .NET and how to write basic C2, so there’s hopefully […]
Rick Wisser // Note: This blog will also be a lab for any of the upcoming Wild West Hackin’ Fest Conferences. During a recent engagement, I came across an issue. The issue I encountered was that the SPI chip I was trying to dump the firmware off of was a 1.8v chip. This would not […]
Dakota Nelson // Unknown Unknowns: So you’ve been pentested. Congrats! It might not feel like it, but this will eventually leave you more confident about your security, not less. The real question is – why might it not feel like it? Pentest findings can be broken down many ways, of course – the obvious one […]
Ray Felch // SOFTWARE DEFINED RADIO: RF Signal Replay Techniques Disclaimer: Be sure to use a faraday bag or cage before transmitting any data so you don’t accidentally break any laws by illegally transmitting on regulated frequencies. Additionally, intercepting and decrypting someone else’s data is illegal, so be careful when researching your traffic. Preface: Recently, […]
Why are companies still recommending an 8-character password minimum? Passwords are some of the easiest targets for attackers, yet companies still allow weak passwords in their environment. Multiple service providers recommend 8-character minimum passwords based on outdated data. Download Slides: https://www.activecountermeasures.com/presentations Originally recorded as a live webcast on December 5th, 2019 Presented by: Darin Roberts & […]
Podcast: Play in new window | Download
Want to learn how attackers bypass endpoint products? Download slides: https://www.activecountermeasures.com/presentations/ 3:41 – Alternate Interpreters 9:19 – Carbon Black Config Issue 15:07 – Cisco AMP EDR – Quick and Easy Bypass 18:24 – PowerShell AMSI Bypass – Rhino 19:07 – CylancePROTECT Bypass 24:14 – Windows Defender and Carbon Black Bypass 30:36 – Windows Subsystem for Linux […]
Podcast: Play in new window | Download
