C2

C2, General InfoSec Tips & Tricks, Red Team initial access, RDP, remote desktop

Rogue RDP – Revisiting Initial Access Methods

Mike Felch // The Hunt for Initial Access With the default disablement of VBA macros originating from the internet, Microsoft may be pitching a curveball to threat actors and red […]

Read the entire post here

00398_08152019_UsingCloudFrontRelayCobaltStrike

C2, How-To, Informational, Red Team, Red Team Tools Brian Fehrman, CloudFront, cobalt strike, Domain Fronting

Using CloudFront to Relay Cobalt Strike Traffic

Brian Fehrman // Many of you have likely heard of Domain Fronting. Domain Fronting is a technique that can allow your C2 traffic to blend in with a target’s traffic […]

Read the entire post here

C2, External/Internal, How-To, Informational, LLMNR, Password Cracking, Password Spray, Phishing, Recon, Red Team, Red Team Tools, Webcasts Attack Tactics, crackmapexec, Ethical Hacking, HTA, john strand, Jordan Drysdale, Kent Ickler, LLMNR, MailSniper, Password cracking, password spraying, pen-testing, phishing

Webcast: Attack Tactics 5 – Zero to Hero Attack

Timecode links take you to YouTube: 4:11 – Infrastructure & Background8:28 – Overview & Breakdown of Attack Methodology and Plans11:35 – Start of Attack (Gaining Access), Password Spraying Toolkit15:24 – […]

Read the entire post here

00375_03062019_PODCAST_EndpointSecurityGotYouDown

C2, Informational, Podcasts, Red Team, Red Team Tools .Net, BYOI, C#, EDR, IronPython, Marcello Salvati, PowerShell, Red Team, SILENTTRINITY, Tradecraft, Windows Defender

BHIS PODCAST: Endpoint Security Got You Down? No PowerShell? No Problem.

Do your PowerShell scripts keep getting caught? Tired of dealing with EDRs & Windows Defender every time you need to pop a box? In this one-hour podcast, originally recorded as […]

Podcast: Play in new window | Download

Subscribe: RSS

Read the entire post here

C2, How-To, Informational, Red Team, Red Team Tools .Net, Carrie Roberts, PowerShell, PowerShell Empire, Red Team, Windows 10, Windows Defender

Getting PowerShell Empire Past Windows Defender

Carrie Roberts //* (Updated 2/12/2020) ADVISORY: The techniques and tools referenced within this blog post may be outdated and do not apply to current situations. However, there is still potential […]

Read the entire post here

C2, How-To, Red Team C2, C2 over ICMP, command and control, ICMP, Internet Control Message Protocol, Red Team

How To: C2 Over ICMP

Darin Roberts // In previous blogs, I have shown how to get various C2 sessions. In this blog, I will be showing how to do C2 over ICMP. First, what […]

Read the entire post here

C2, Red Team C2, command and control, Red Team, WebSockets, WSC2

Command and Control with WebSockets WSC2

Craig Vincent// This all started with a conversation I was having with a few other BHIS testers. At the time, I was testing a web application that used WebSockets. The […]

Read the entire post here

C2, How-To C2, command and control, metasploit

C2, C3, Whatever It Takes

Darin Roberts// If you have been in the security field for any length of time at all you have heard the term C2. You might have heard it also called […]

Read the entire post here

C2, External/Internal, General InfoSec Tips & Tricks, How-To, InfoSec 201, InfoSec 301, Red Team, Red Team Tools, Social Engineering C2, C2 Infrastructure, C2K, command and control, Digital Ocean

How to Build a Command & Control Infrastructure with Digital Ocean: C2K Revamped

Lee Kagan* // Expanding upon the previous post in this series, I decided to rewrite C2K (find it here) to change its behavior and options for the user. In this […]

Read the entire post here

1 2 3