How to Build a Command & Control Infrastructure with Digital Ocean: C2K Revamped
Lee Kagan* // Expanding upon the previous post in this series, I decided to rewrite C2K (find it here) to change its behavior and options for the user. In this […]
Red Team Tools
I Spy with InSpy
Darin Roberts// Do you ever find yourself on an engagement and need just a few more names with which to conduct a password spray? Everyone knows the more emails you have, […]
WEBCAST: There and Back Again – A Pathfinder’s Tale
Matthew Toussain// Portswigger’s Burpsuite has become the tool of choice for web application penetration testers. OWASP’s Zed Attack Proxy (ZAP) not only fights in the same weight class but also […]
Google Calendar Event Injection with MailSniper
Beau Bullock & Michael Felch // Source: https://chrome.google.com/webstore/detail/google-calendar-by-google/gmbgaklkmjakoegficnlkhebmhkjfich Overview Google Calendar is one of the many features provided to those who sign up for a Google account along with other popular […]
Empire Resource Files and Auto Runs
Carrie Roberts* // I have added resource file and autorun functionality to PowerShell Empire. Empire now has the ability to run multiple commands at once by specifying the commands in […]
Grepping Through PowerView Output
Carrie Roberts//* Have you found yourself trying to Grep through PowerView output, or any PowerShell output for that matter, and find that it returns no results for text you know […]
How to Crack Passwords for Password Protected MS Office Documents
Carrie Roberts* // (Updated, 2/11/2019) Trying to figure out the password for a password protected MS Office document? This free solution might do the trick. It attempts to guess the password […]
How to Crack Passwords in the Cloud with GPU Acceleration (Kali 2017)
Carrie Roberts* // How does password cracking in the cloud compare to down here on earth? Maybe not as heavenly as imagined. I saw this on the web and got […]