External/Internal, Red Team Carrie Roberts, Let's Encrypt, PowerShell, PowerShell Empire, Trusted Certificate

Using PowerShell Empire with a Trusted Certificate

Carrie Roberts* // Using a trusted certificate and non-default Empire options will help increase your chances of getting a successful session out of a network. Follow these instructions to get […]

Read the entire post here

Author, Ethan Robish, Red Team, Red Team Tools author metadata, bugging documents, how to clear metadata, Microsoft, MS Excel, MS Word

Bugging Microsoft Files: Part 3 – Clearing Metadata

Ethan Robish // In my last two posts I showed how to insert tracking bugs in both .docx (Part 1) and .xlsx files (Part 2).  But don’t let all that effort go […]

Read the entire post here

Red Team, Red Team Tools Carrie Roberts, Empire commands, Empire Listeners, Listeners

How to Script Startup of Empire Listeners

Carrie Roberts //   Tired of typing those Empire commands to startup your goto listeners? Wish there was an equivalent to Metasploit resource files for Empire? This is not currently […]

Read the entire post here

Blue Team, Red Team DeepSec16, encryption, enter key, enter sesame, Linux, LUKS

Two Button PWNage

Logan Lembke // Step One: Power. Step Two: Enter. Step Three: ???? Step Four: Profit. In the security industry, we love our encryption. However sometimes, the complexity introduced by encryption […]

Read the entire post here

Author, Fun & Games, Jordan Drysdale, Red Team, Wireless Hand Crafted, hardware hacking, More Fun Projects, Princess Computer, Weaponizing Kids' Toys, Wi-Fi Attack Kits

Weaponizing Princess Toys: Crafting Wi-Fi Attack Kits

Jordan Drysdale // … Alternate Title: “Why I Love BHIS” So, I was gifted this cute little princessy-toy thing recently. My first thought was that my daughters will love this thing. […]

Read the entire post here

Author, Ethan Robish, Red Team, Red Team Tools Bugging Excel files, Bugging xlsx files, Colin Edwards, Excel, Microsoft Excel, microsoft office

Bugging Microsoft Files: Part 2 – Xlsx Files using Microsoft Excel

Ethan Robish // As promised in my previous post, part 1, this post shows how to place a tracking bug in a native .xlsx file.  Full credit for this method […]

Read the entire post here

How-To hiding things in other things, images, steganography

Steganography: The Art and Science of Hiding Things in Other Things – Part 4

Dakota Nelson* // Part 4: Resilient Steganography This is it. The end. The last of a four part series covering image steganography. You can get started with part 1, part […]

Read the entire post here

Red Team, Red Team Tools Digital Ocean, Outlook, OWA, webDAV

Deploying a WebDAV Server

Carrie Roberts // There are various reasons why having a webDAV server comes in handy. The main reason I created one was to execute a malicious Outlook rule attack as […]

Read the entire post here

Author, Ethan Robish, Red Team, Red Team Tools ADHD, Bugging Word Files, Microsoft, MS Word, Pentesting, Web Word Bugs, Word

Bugging Microsoft Files: Part 1 – Docx Files using Microsoft Word

Ethan Robish // If you’re familiar with ADHD and Web Word Bugs, you likely already know the method to create web tracking software using .html files renamed as .doc files. […]

Read the entire post here