Author, How-To, Red Team, Red Team Tools, Tim Fowler Event Logs, Fileless, Injection, Logging, Payloads, shellcode

Windows Event Logs for Red Teams

Tim Fowler // Do you know what could be lurking in your Windows event logs? In May of 2022, I was sent a Threat Post article about a new technique […]

Read the entire post here

Author, Blue Team, Blue Team Tools, External/Internal, General InfoSec Tips & Tricks, How-To, Informational, InfoSec 101, Jordan Drysdale Azure, defense, Detection, doazlab.com, Impacket, Jordan Drysdale

Impacket Defense Basics With an Azure Lab 

Jordan Drysdale // Overview The following description of some of Impacket’s tools and techniques is a tribute to the authors, SecureAuthCorp, and the open-source effort to maintain and extend the code. […]

Read the entire post here

How-To, Web App

Lessons Learned While Pentesting GraphQL

Sean Verity // GraphQL is one of those technologies that I heard about several years ago but had not encountered during an actual pentest. After reading a blog or two, […]

Read the entire post here

Author, External/Internal, General InfoSec Tips & Tricks, Melissa Bruno, Web App

For Web Content Discovery, Who You Gonna Call? Gobuster!

Melissa Bruno // One of the best early steps to take when testing a network, especially a large one, is to run the tool EyeWitness to gain a quick understanding […]

Read the entire post here

How-To, Informational, InfoSec 101, Phishing, Red Team, Social Engineering ansible, automation, credential capture, ethical, hacking, html

Phishing Made Easy(ish)

Hannah Cartier // Social engineering, especially phishing, is becoming increasingly prevalent in red team engagements as well as real-world attacks. As security awareness improves and systems become more locked down, […]

Read the entire post here

Author, External/Internal, General InfoSec Tips & Tricks, How-To, Informational, InfoSec 101, InfoSec 201, Jordan Drysdale, Red Team Tools Jordan Drysdale

Impacket Offense Basics With an Azure Lab

Jordan Drysdale // Overview The following description of some of Impacket’s tools and techniques is a tribute to the authors, SecureAuthCorp, and the open-source effort to maintain and extend the […]

Read the entire post here

Author, General InfoSec Tips & Tricks, How-To, Informational, Red Team, Steve Borosh Microsoft 365, Spoofing, Steve Borosh

Spoofing Microsoft 365 Like It’s 1995

Steve Borosh // Why Phishing? Those of us on the offensive side of security often find ourselves in the position to test our clients’ resilience to phishing attacks. According to […]

Read the entire post here

Author, Blue Team, Blue Team Tools, General InfoSec Tips & Tricks, How-To, Hunt Teaming, Informational, InfoSec 101, Jordan Drysdale ARM Templates, Attribution, Detection, Engineering, Geopolitics, hunting, Microsoft Sentinel

Geopolitical Cyber-Detection Lures for Attribution with Microsoft Sentinel 

Jordan Drysdale // Summary! There are tons of security event management (SIEM) solutions available these days, but this blog will focus on Microsoft Sentinel. Sentinel is easy to deploy, logs […]

Read the entire post here

Author, Backdoors & Breaches, Blue Team, Blue Team Tools, Corey Ham, Fun & Games, Hal Denton, How-To, Informational, Jason Blanchard, Kiersten Gross, Noah Heckman, Troy Wojewoda, Webcasts

How to Use Backdoors & Breaches to do Tabletop Exercises and Learn Cybersecurity

Have you heard of Backdoors & Breaches, or even have a deck of your own, and yet… still don’t know how to use it? We created an incident response card […]

Read the entire post here