C2, How-To C2, command and control, metasploit

C2, C3, Whatever It Takes

Darin Roberts// If you have been in the security field for any length of time at all you have heard the term C2. You might have heard it also called […]

Read the entire post here

Author, Brian Fehrman, External/Internal, Red Team All the Shellz, Debian, metasploit, meterpreter, Nmap, Pentesting, proxychains, Ubuntu

How to Use Nmap with Meterpreter

Brian Fehrman // You’ve sent your phishing ruse, the target has run the Meterpreter payload, and you have shell on their system. Now what? If you follow our blogs, you […]

Read the entire post here

Red Team, Web App All the Shellz, hacking, metasploit, msfvenom, netcat, OS Command Injection, pen-testing, Python, Real Life Hacking, Waiting

OS Command Injection; The Pain, The Gain

Carrie Roberts // OS Command Injection is fun. I recently found this vulnerability on a web application I was testing (thanks to Burp Suite scanner). I was excited because I […]

Read the entire post here

Author, External/Internal, Joff Thyer, Red Team C2, internal pentest, ipconfig, ipconfig Output, l33t ninja, metasploit, pen-testing, Pentesting

Internal Pivot, Network Enumeration, & Lateral Movement

Joff Thyer // Picture a scenario whereby you are involved in an internal network penetration test. Perhaps you have succeeded with a spear-phishing campaign and landed on an internal system, […]

Read the entire post here