Author

Author, Joff Thyer, Red Team KALI, payload generation, PEInsider, PowerShell, shellcode

Advanced Msfvenom Payload Generation

Joff Thyer // It has been known for some time that an executable payload generated with msfvenom can leverage an alternative template EXE file, and be encoded to better evade […]

Read the entire post here

Author, Blue Team, Blue Team Tools, Jordan Drysdale ansible, Config management, CSC #2, lazy admin

Ansible for Lazy Admins

Jordan Drysdale // For the lazy server and system admins, automating those boring functions of updating packages, finding outdated ones, checking scans, et cetera, Ansible has some very nice features. […]

Read the entire post here

Author, David Fletcher, External/Internal, Red Team cool stuff, shell script, SSL, testssl.sh, TLS, tools

TestSSL.sh –Assessing SSL/TLS Configurations at Scale

David Fletcher // Have you ever looked at Nessus scan results to find the below in the output? Recently I was on engagement and encountered just this situation.  I found […]

Read the entire post here

Author, External/Internal, Joff Thyer, Red Team C2, internal pentest, ipconfig, ipconfig Output, l33t ninja, metasploit, pen-testing, Pentesting

Internal Pivot, Network Enumeration, & Lateral Movement

Joff Thyer // Picture a scenario whereby you are involved in an internal network penetration test. Perhaps you have succeeded with a spear-phishing campaign and landed on an internal system, […]

Read the entire post here

Author, Ethan Robish, Fun & Games college, get to know a tester, internship, interview, my mom got me a job

Get to Know a Tester: Ethan Robish

Sierra Ward & Ethan Robish // Intro by Ethan: Sierra came up with the idea to interview me for this blog.  I thought it was a great idea and after watching Rick […]

Read the entire post here

Author, Brian Fehrman, Red Team anti-virus, bypassing AV, Kill your AV, whitelisting

How to Bypass Application Whitelisting & AV

Brian Fehrman // There are numerous methods that have been published to bypass Anti-Virus products. As a result, many companies are beginning to realize that application whitelisting is another tool […]

Read the entire post here

Author, Beau Bullock, C2, External/Internal, Red Team Beau Bullock, egress filtering, exposed ports, firewalls, network

Poking Holes in the Firewall: Egress Testing With AllPorts.Exposed

Beau Bullock // If you have been even remotely in touch with technology in the past thirty years you have probably heard of this thing called a “firewall”. If not, […]

Read the entire post here

Author, Brian King, Red Team, Web App cross site tracing, http trace, OWASP, trace request, WAF bypass

Three Minutes with the HTTP TRACE Method

Brian King // All of our scanning tools tell us that we should disable the HTTP TRACE and TRACK methods. And we all think that’s because there’s something an attacker […]

Read the entire post here

Author, General InfoSec Tips & Tricks, InfoSec 101, Jordan Drysdale

Public Wi-Fi Insecurity – Part Deux, For Compliance Sakes

Jordan Drysdale // (See Jordan’s Part 1 of this post here.) PCI-DSS strolled into town with the latest compliance package of minutiae laden IT speak at the end of last year. […]

Read the entire post here