How-To

How-To, Red Team, Webcasts, Wireless Exfil, Hardware, Paul Clark, Red Team, Software Defined Radio, Wireless

Webcast: Building a Small and Flexible Wireless Exfiltration Box with SDR

Paul Clark// Do you want to know how we learned Software Defined Radio? We learned it from Paul. We also learned by getting our hands dirty with projects. For this […]

Read the entire post here

Author, Beau Bullock, How-To, Mike Felch, Phishing, Recon, Red Team, Red Team Tools, Social Engineering, Webcasts Beau Bullock, Demos, FireProx, Mike Felch, PII, recon, Social Media, Social Trust Attack, tools

Webcast: Weaponizing Corporate Intel. This Time, It’s Personal!

Beau Bullock & Mike Felch// Strategically targeting a corporation requires deep knowledge of their technologies and employees. Successfully compromising an organization can depend on the quality of reconnaissance a tester […]

Read the entire post here

Author, How-To, Informational, Michael Allen, Red Team How to, Michael Allen, Payload, Red Team, Rubber Ducky, Scan Codes, Teensy, Weaponize, yubikey

How to Weaponize the Yubikey

Michael Allen // A couple of years ago, I had a YubiKey that was affected by a security vulnerability, and to fix the issue, Yubico sent me a brand new […]

Read the entire post here

Author, C2, External/Internal, How-To, Informational, Jordan Drysdale, Kent Ickler, LLMNR, Password Cracking, Password Spray, Phishing, Recon, Red Team, Red Team Tools, Webcasts Attack Tactics, crackmapexec, Ethical Hacking, HTA, john strand, Jordan Drysdale, Kent Ickler, LLMNR, MailSniper, Password cracking, password spraying, pen-testing, phishing

Webcast: Attack Tactics 5 – Zero to Hero Attack

Timecode links take you to YouTube: 4:11 – Infrastructure & Background8:28 – Overview & Breakdown of Attack Methodology and Plans11:35 – Start of Attack (Gaining Access), Password Spraying Toolkit15:24 – […]

Read the entire post here

Author, External/Internal, How-To, Informational, Jordan Drysdale, LLMNR, Red Team exploit, How to, Jordan Drysdale, LLMNR, Red Team, SMB Message Signing

An SMB Relay Race – How To Exploit LLMNR and SMB Message Signing for Fun and Profit

Jordan Drysdale// This is basically a slight update and rip off of Marcello’s work out here: https://byt3bl33d3r.github.io/practical-guide-to-ntlm-relaying-in-2017-aka-getting-a-foothold-in-under-5-minutes.html /tl;dr – Zero to DA on an environment through an exposed Outlook Web […]

Read the entire post here

Author, Blue Team, General InfoSec Tips & Tricks, How-To, Informational, InfoSec 101, Mike Felch Blue Team, cloud, Google, Red Team

How to Purge Google and Start Over – Part 2

Mike Felch// How to Purge Google and Start Over – Part 1 Brief Recap In part 1, we discussed a red team engagement that went south when the Google SOC […]

Read the entire post here

Author, Blue Team, General InfoSec Tips & Tricks, How-To, Informational, Mike Felch Blue Team, cloud, Google, Mike Felch, privacy, Red Team

How to Purge Google and Start Over – Part 1

Mike Felch// A Tale of Blue Destroying Red Let me start by sharing a story about a fairly recent red team engagement against a highly-secured technical customer that didn’t end […]

Read the entire post here

Author, How-To, Informational, InfoSec 101, Joff Thyer, Webcasts Joff Thyer, Python2, Python3, SEC573, UTF-8

BHIS Webcast: Py2k20 – Transitioning from Python2 to Python3

Joff Thyer// In this webcast, we talk about the 2020 End of Life for Python2. We address what the short and medium term impacts will likely be. Key language differences […]

Read the entire post here

External/Internal, How-To, Informational, Password Spray, Red Team, Red Team Tools, Web App Bypass IP Filtering, Darin Roberts, Foxy Proxy, IP Rotation, password spray, ProxyCannon, ProxyMesh

How To Rotate Your Source IP Address

Darin Roberts// IP-Go-Round – Source IP Rotation I was on an engagement recently that was blocking my password sprays based on my IP address. If I made 3 incorrect requests […]

Read the entire post here

«‹ 22 23 24 25 ›»