Informational

Informational, Red Team, Red Team Tools, Webcasts .Net, BYOI, EDR, Endpoint, Marcello, Open-Source, PowerShell, Red Team, SILENTTRINITY, Tradecraft, Windows Defender

Webcast: Endpoint Security Got You Down? No PowerShell? No Problem.

Do your PowerShell scripts keep getting caught? Tired of dealing with EDRs & Windows Defender every time you need to pop a box?  In this one-hour webcast, we introduce a somewhat […]

Read the entire post here

Author, Informational, John Strand john strand, SANS, SEC504

I’m Resigning From SANS

John Strand// Hello all, Well, this is a painful post to write, so I will get right to it. I am on my last run of classes with the SANS […]

Read the entire post here

C2, How-To, Informational, Red Team, Red Team Tools .Net, Carrie Roberts, PowerShell, PowerShell Empire, Red Team, Windows 10, Windows Defender

Getting PowerShell Empire Past Windows Defender

Carrie Roberts //* (Updated 2/12/2020) ADVISORY: The techniques and tools referenced within this blog post may be outdated and do not apply to current situations. However, there is still potential […]

Read the entire post here

Author, Beau Bullock, Informational, InfoSec 101, John Strand, Webcasts Attacks, Beau Bullock, BHIS, Bitcoin, Blockchain, john strand

BHIS Webcast: Blockchain and You! InfoSec Edition

Take a good look at Bitcoin right now… these are the unlucky ones. These are the unfortunate souls who jumped on another overinflated balloon. But, does this Bitcoin crash completely […]

Read the entire post here

Author, Blue Team, How-To, Informational, InfoSec 101, Jordan Drysdale Blue Team, Defensive Strategies, Jordan Drysdale, Security Strategies, Small Business, Small Business Security

Small and Medium Business Security Strategies: Part 5

Jordan Drysdale// tl;dr Inventory management and personnel management are critical to making this work. Often, the difference between your company becoming a statistic and catching someone with a foothold in […]

Read the entire post here

How-To, Informational C2, command and control, PowerShell Empire, SSH, SSHazam

SSHazam: Hide Your C2 Inside of SSH

Carrie Roberts //* SSHazam is a method of running any C2 tool of your choice inside a standard SSH tunnel to avoid network detections. The examples here involve running PowerShell […]

Read the entire post here

Fun & Games, Informational, Social Engineering general infosec, informational, social engineering

Social Engineering in Japan

Kelsey Bellew//* It’s an occupational hazard to see vulnerabilities everywhere. When I see a router sitting in plain sight I think, “The default creds are probably printed on the back; […]

Read the entire post here

How-To, Informational Healthy, Healthy Hacking, Tips and Tricks, Treadmill

Healthy Hacking with the Treadmill Elliptical Desk: My journey to staying healthy while hacking!

Carrie Roberts*// I’m a red teamer, I love my job but I spend way too much time at a desk in front of a computer. This year I wanted to […]

Read the entire post here

Author, Informational, Joff Thyer, Red Team Dropbox, Man-in-the-Middle, MITM, penetration tester, pentest, pentesting dropbox

Pentesting Dropbox on Steroids

Joff Thyer// Many of you have probably already looked at Beau Bullock’s fine blog entry on a penetration testing dropbox. Beau has some excellent guidance on how to build the […]

Read the entire post here