Author, Derek Banks, Physical, Red Team, Red Team Tools DIY, DuckHunter, HID attack, KALI, Kali Linux, Kali NetHunter, mobile hacking platform, Mobile Pentesting Platform, Nexus7, Rooted Nexus7

How to DIY a Mobile Hacking Platform – Kali NetHunter on a Rooted Nexus7

Derek Banks //   As pentesters, it is probably not a surprise that we tend to make fairly heavy use of Kali Linux on a fairly regular basis. The folks at Offensive […]

Read the entire post here

InfoSec 201, Red Team, Social Engineering Family Tree Now, genealogy, OSINT, phishing, social engineering

Phishing Family Tree Now: A Social Engineering Odyssey

Joe Gray* // You may have heard about a new genealogy tool called Family Tree Now. It is a (seemingly) 100% free tool (more on that later) that allows you to […]

Read the entire post here

Author, Brian Fehrman, Red Team, Red Team Tools AV, AV bypass, AV vendors, ESET, Kaspersky, PowerOPS, PowerOPS Frameword, PowerShell, Tipping Cash Cows

Power Posing with PowerOPS

Brian Fehrman // As described in my last blog post, Powershell Without Powershell – How To Bypass Application Whitelisting, Environment Restrictions & AV (sheeesh…it’s been a bit!), we are seeing more environments in […]

Read the entire post here

Author, Joff Thyer, Mobile, Red Team

Android Dev & Penetration Testing Setup – Part 3: Installing the drozer Attack Framework

Joff Thyer // Editor’s Note:  This is part 3 of a 3 part series.  Part 1 discussed configuring your virtual machine engine and virtual hardware emulation.  Part 2 covered installing Android […]

Read the entire post here

Author, Blue Team, Hunt Teaming, John Strand, Webcasts live forensics, memory analysis, webcast

WEBCAST: Live Forensics & Memory Analysis

John Strand // So you think you might have a compromised Windows system. If you do, where do you start? How would you review the memory of that system? What […]

Read the entire post here

Author, Joff Thyer, Mobile, Red Team Android, Android Dev, mobile apps, Pentesting

Android Dev & Penetration Testing Setup – Part 2: Installing Android Studio

Joff Thyer // Editor’s Note:  This is part 2 of a 3 part series.  Part 1 discussed configuring your virtual machine engine and virtual hardware emulation.  Part 2 (this part) covers […]

Read the entire post here

Author, Joff Thyer, Mobile, Red Team Android, Android Dev, mobile apps, Pentesting, pentesting mobile apps

Android Dev & Penetration Testing Setup – Part 1

Joff Thyer // Editor’s Note:  This is part 1 of a 3 part series.  Part 1 will discuss configuring your virtual machine engine and virtual hardware emulation.  Part 2 covers installing […]

Read the entire post here

C2, Red Team C2, DNS C2, dnscat2, PowerShell, tunneling

PowerShell DNS Command & Control with dnscat2-powershell

Luke Baggett // Imagine a scenario where a Penetration Tester is trying to set up command and control on an internal network blocking all outbound traffic, except traffic towards a […]

Read the entire post here

Blue Team backups, be prepared, breach, Christmas delivery phish, good times all around, Oh !@$# moments, Osiris ransomware, ransomware

My Ransomware Post-Mortem

Cody Smith* // As information security professionals we’re not invincible to breaches. Even the most robust security system can’t make up for a lack of user education, which I was […]

Read the entire post here