Red Team Tools

Author, Brian Fehrman, Red Team, Red Team Tools Bypassing Web-Proxy Filtering, C2 Channels, penetration testing, Pentesting, PowerShell, Web-Proxy Filtering

How to Bypass Web-Proxy Filtering

Brian Fehrman // Someone recently posed a question to BHIS about creating C2 channels in environments where heavily restrictive egress filtering is being utilized. Testers at BHIS, and in the […]

Read the entire post here

Author, Jordan Drysdale, Kent Ickler, Red Team, Red Team Tools Kon-Boot, thumb drive fun

Super Sweet Kon-Boot Demo in GIFs

Jordan Drysdale, victim // Kent Ickler, adversary // In this post, our victim locks their computer and heads out for a coffee refill. The adversary smashes through all system and […]

Read the entire post here

Author, Beau Bullock, Recon, Red Team, Red Team Tools HostRecon, PowerShell, Situational Awareness, tool

HostRecon: A Situational Awareness Tool

Beau Bullock // Overview HostRecon is a tool I wrote in PowerShell to assist with quickly enumerating a number of items that I would typically check after gaining access to […]

Read the entire post here

Red Team, Red Team Tools bash bunny, BashBunny, bashbunny-payloads, Hak5, Wi-Fi Creds, Wireless Credentials

How to Pull Wireless Credentials with the Bash Bunny

Sally Vandeven // All of the BHIS testers are pretty geeked about Hak5’s newest toy — the Bash Bunny. Last week, Jordan blogged about the USB Exfiltration payload. Today I […]

Read the entire post here

Author, Jordan Drysdale, Red Team, Red Team Tools all the payloads, bash bunny, Hak5, usb, usb exfiltrator, windows XP

How to Get USB_Exfiltration Payload Using the Bash Bunny

Jordan Drysdale // This is a super quick write-up on the first very useful payload we tested and confirmed as 100% reliable on all Windows systems (XP-SP3+) with PowerShell enabled. […]

Read the entire post here

Author, Derek Banks, Physical, Red Team, Red Team Tools DIY, DuckHunter, HID attack, KALI, Kali Linux, Kali NetHunter, mobile hacking platform, Mobile Pentesting Platform, Nexus7, Rooted Nexus7

How to DIY a Mobile Hacking Platform – Kali NetHunter on a Rooted Nexus7

Derek Banks //   As pentesters, it is probably not a surprise that we tend to make fairly heavy use of Kali Linux on a fairly regular basis. The folks at Offensive […]

Read the entire post here

Author, Brian Fehrman, Red Team, Red Team Tools AV, AV bypass, AV vendors, ESET, Kaspersky, PowerOPS, PowerOPS Frameword, PowerShell, Tipping Cash Cows

Power Posing with PowerOPS

Brian Fehrman // As described in my last blog post, Powershell Without Powershell – How To Bypass Application Whitelisting, Environment Restrictions & AV (sheeesh…it’s been a bit!), we are seeing more environments in […]

Read the entire post here

Red Team, Red Team Tools All the AVs, anti-virus, bypassing AV, Carrie Roberts, mimikatz, Windows Defender

How to Bypass Anti-Virus to Run Mimikatz

Carrie Roberts // * Would you like to run Mimikatz without Anti-Virus (AV) detecting it? Recently I attempted running the PowerShell script “Invoke-Mimikatz” from PowerSploit on my machine but it was […]

Read the entire post here

Red Team, Red Team Tools password spraying, powershell domain user enumeration, tools

Domain User Enumeration

Chevy Swanson // Everyone loves being able to speed up their work with custom tools, but the clear problem is that computers are a bit too fussy about everything being perfect […]

Read the entire post here