Red Team

External/Internal, How-To, Informational, Password Spray, Red Team, Red Team Tools, Web App Bypass IP Filtering, Darin Roberts, Foxy Proxy, IP Rotation, password spray, ProxyCannon, ProxyMesh

How To Rotate Your Source IP Address

Darin Roberts// IP-Go-Round – Source IP Rotation I was on an engagement recently that was blocking my password sprays based on my IP address.  If I made 3 incorrect requests […]

Read the entire post here

C2, Informational, Podcasts, Red Team, Red Team Tools .Net, BYOI, C#, EDR, IronPython, Marcello Salvati, PowerShell, Red Team, SILENTTRINITY, Tradecraft, Windows Defender

BHIS PODCAST: Endpoint Security Got You Down? No PowerShell? No Problem.

Do your PowerShell scripts keep getting caught? Tired of dealing with EDRs & Windows Defender every time you need to pop a box?  In this one-hour podcast, originally recorded as […]

Podcast: Play in new window | Download

Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS

Read the entire post here

External/Internal, How-To, Informational, Red Team BHIS, Black Hills Information Security, Carrie Roberts, RDP, SSH

The RDP Through SSH Encyclopedia

Carrie Roberts //* I have needed to remind myself how to set up RDP access through an SSH connection so many times that I’ve decided to document it here for […]

Read the entire post here

Informational, Red Team, Red Team Tools, Webcasts .Net, BYOI, EDR, Endpoint, Marcello, Open-Source, PowerShell, Red Team, SILENTTRINITY, Tradecraft, Windows Defender

Webcast: Endpoint Security Got You Down? No PowerShell? No Problem.

Do your PowerShell scripts keep getting caught? Tired of dealing with EDRs & Windows Defender every time you need to pop a box?  In this one-hour webcast, we introduce a somewhat […]

Read the entire post here

C2, How-To, Informational, Red Team, Red Team Tools .Net, Carrie Roberts, PowerShell, PowerShell Empire, Red Team, Windows 10, Windows Defender

Getting PowerShell Empire Past Windows Defender

Carrie Roberts //* (Updated 2/12/2020) ADVISORY: The techniques and tools referenced within this blog post may be outdated and do not apply to current situations. However, there is still potential […]

Read the entire post here

How-To, Password Spray, Recon, Red Team, Red Team Tools InSpy, password spraying, recon, recon tool, red team tools

I Spy with InSpy v3.0

Darin Roberts// Early in 2018 I wrote a blog about InSpy. InSpy is a great reconnaissance tool that gathers usernames from LinkedIn. My first blog can be found here. A […]

Read the entire post here

Author, John Strand, Podcasts, Red Team anti-virus, endpoint security, how to bypass Anti Virus, Podcasts, Sacred Cash Cow Tipping

PODCAST: Sacred Cash Cow Tipping 2019

Yet again it is time for another edition of Sacred Cash Cow Tipping! Or, “Why do these endpoint security bypass techniques still work? Why?” The goal of this is to […]

Podcast: Play in new window | Download

Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS

Read the entire post here

Author, John Strand, Red Team, Webcasts anti-virus, carbonblack, endpoint security, how to bypass Anti Virus, pen-testing, penetration testing, Red Team, Sacred Cash Cow Tipping

Webcast: Sacred Cash Cow Tipping 2019

John Strand // Yet again it is time for another edition of Sacred Cash Cow Tipping! Or, “Why do these endpoint security bypass techniques still work? Why?” The goal of […]

Read the entire post here

Fun & Games, Informational, Social Engineering general infosec, informational, social engineering

Social Engineering in Japan

Kelsey Bellew//* It’s an occupational hazard to see vulnerabilities everywhere. When I see a router sitting in plain sight I think, “The default creds are probably printed on the back; […]

Read the entire post here