Red Team

External/Internal, Red Team 2FA, ask and it will be given to you, bypassing 2fa, help desk, helpful help desk, MailSniper, OWA, password policy, passwords, pen-testing, penetration testing, pentest, Pentesting, two-factor, VPN

How to Bypass Two-Factor Authentication – One Step at a Time

Sally Vandeven // Back in November Beau Bullock wrote a blog post describing how his awesome PowerShell tool MailSniper can sometimes bypass OWA portals to get mail via EWS if […]

Read the entire post here

Author, Jordan Drysdale, Red Team, Wireless onsite, pen-testing, penetration testing, Pentesting, Wi-Fi travel kit, wireless kit

The Wi-Fi Travel Kits

Jordan Drysdale // Sally and I recently ventured to an on-site wireless engagement with a very security-mature customer. Long story short, the level of protection that WPA2 Enterprise with certificate validation provides […]

Read the entire post here

Author, John Strand, Red Team industry trends, Pentesting, pink teaming, red teaming

Pink Teaming: The Dilution of Pentesting

John Strand // There have been a few conversations at conferences and meet-ups over the past year or so about the validity of penetration testing. There are many things on […]

Read the entire post here

Author, Derek Banks, Physical, Red Team, Red Team Tools DIY, DuckHunter, HID attack, KALI, Kali Linux, Kali NetHunter, mobile hacking platform, Mobile Pentesting Platform, Nexus7, Rooted Nexus7

How to DIY a Mobile Hacking Platform – Kali NetHunter on a Rooted Nexus7

Derek Banks // As pentesters, it is probably not a surprise that we tend to make fairly heavy use of Kali Linux on a fairly regular basis. The folks at Offensive […]

Read the entire post here

InfoSec 201, Red Team, Social Engineering Family Tree Now, genealogy, OSINT, phishing, social engineering

Phishing Family Tree Now: A Social Engineering Odyssey

Joe Gray* // You may have heard about a new genealogy tool called Family Tree Now. It is a (seemingly) 100% free tool (more on that later) that allows you to […]

Read the entire post here

Author, Brian Fehrman, Red Team, Red Team Tools AV, AV bypass, AV vendors, ESET, Kaspersky, PowerOPS, PowerOPS Frameword, PowerShell, Tipping Cash Cows

Power Posing with PowerOPS

Brian Fehrman // As described in my last blog post, Powershell Without Powershell – How To Bypass Application Whitelisting, Environment Restrictions & AV (sheeesh…it’s been a bit!), we are seeing more environments in […]

Read the entire post here

00164_01232017_AndroidDevPenetrationTestingSetup3

Author, Joff Thyer, Mobile, Red Team

Android Dev & Penetration Testing Setup – Part 3: Installing the drozer Attack Framework

Joff Thyer // Editor’s Note: This is part 3 of a 3 part series. Part 1 discussed configuring your virtual machine engine and virtual hardware emulation. Part 2 covered installing Android […]

Read the entire post here

00162_01202017_AndroidDevPenetrationTestingSetup2

Author, Joff Thyer, Mobile, Red Team Android, Android Dev, mobile apps, Pentesting

Android Dev & Penetration Testing Setup – Part 2: Installing Android Studio

Joff Thyer // Editor’s Note: This is part 2 of a 3 part series. Part 1 discussed configuring your virtual machine engine and virtual hardware emulation. Part 2 (this part) covers […]

Read the entire post here

00161_01172017_AndroidDevPenetrationTestingSetup1

Author, Joff Thyer, Mobile, Red Team Android, Android Dev, mobile apps, Pentesting, pentesting mobile apps

Android Dev & Penetration Testing Setup – Part 1

Joff Thyer // Editor’s Note: This is part 1 of a 3 part series. Part 1 will discuss configuring your virtual machine engine and virtual hardware emulation. Part 2 covers installing […]

Read the entire post here

«‹ 27 28 29 30 ›»