Author

Author, How-To, Red Team, Red Team Tools, Tim Fowler Event Logs, Fileless, Injection, Logging, Payloads, shellcode

Windows Event Logs for Red Teams

Tim Fowler // Do you know what could be lurking in your Windows event logs? In May of 2022, I was sent a Threat Post article about a new technique […]

Read the entire post here

Author, Blue Team, Blue Team Tools, External/Internal, General InfoSec Tips & Tricks, How-To, Informational, InfoSec 101, Jordan Drysdale Azure, defense, Detection, doazlab.com, Impacket, Jordan Drysdale

Impacket Defense Basics With an Azure Lab 

Jordan Drysdale // Overview The following description of some of Impacket’s tools and techniques is a tribute to the authors, SecureAuthCorp, and the open-source effort to maintain and extend the code. […]

Read the entire post here

Author, External/Internal, General InfoSec Tips & Tricks, Melissa Bruno, Web App

For Web Content Discovery, Who You Gonna Call? Gobuster!

Melissa Bruno // One of the best early steps to take when testing a network, especially a large one, is to run the tool EyeWitness to gain a quick understanding […]

Read the entire post here

Author, External/Internal, General InfoSec Tips & Tricks, How-To, Informational, InfoSec 101, InfoSec 201, Jordan Drysdale, Red Team Tools Jordan Drysdale

Impacket Offense Basics With an Azure Lab

Jordan Drysdale // Overview The following description of some of Impacket’s tools and techniques is a tribute to the authors, SecureAuthCorp, and the open-source effort to maintain and extend the […]

Read the entire post here

Author, General InfoSec Tips & Tricks, How-To, Informational, Red Team, Steve Borosh Microsoft 365, Spoofing, Steve Borosh

Spoofing Microsoft 365 Like It’s 1995

Steve Borosh // Why Phishing? Those of us on the offensive side of security often find ourselves in the position to test our clients’ resilience to phishing attacks. According to […]

Read the entire post here

Author, Blue Team, Blue Team Tools, General InfoSec Tips & Tricks, How-To, Hunt Teaming, Informational, InfoSec 101, Jordan Drysdale ARM Templates, Attribution, Detection, Engineering, Geopolitics, hunting, Microsoft Sentinel

Geopolitical Cyber-Detection Lures for Attribution with Microsoft Sentinel 

Jordan Drysdale // Summary! There are tons of security event management (SIEM) solutions available these days, but this blog will focus on Microsoft Sentinel. Sentinel is easy to deploy, logs […]

Read the entire post here

Author, Backdoors & Breaches, Blue Team, Blue Team Tools, Corey Ham, Fun & Games, Hal Denton, How-To, Informational, Jason Blanchard, Kiersten Gross, Noah Heckman, Troy Wojewoda, Webcasts

How to Use Backdoors & Breaches to do Tabletop Exercises and Learn Cybersecurity

Have you heard of Backdoors & Breaches, or even have a deck of your own, and yet… still don’t know how to use it? We created an incident response card […]

Read the entire post here

Author, C2, General InfoSec Tips & Tricks, Mike Felch, Red Team initial access, RDP, remote desktop

Rogue RDP – Revisiting Initial Access Methods

Mike Felch // The Hunt for Initial Access With the default disablement of VBA macros originating from the internet, Microsoft may be pitching a curveball to threat actors and red […]

Read the entire post here

Author, General InfoSec Tips & Tricks, How-To, Informational, InfoSec 301, Joff Thyer DNS Security, Joff Thyer

The DNS over HTTPS (DoH) Mess

Joff Thyer // I woke up this Monday morning thinking that it’s about time I spent time looking at my Domain Name Service (DNS) configuration in my network. (This thought […]

Read the entire post here