Red Team

Author, John Strand, Red Team industry trends, Pentesting, pink teaming, red teaming

Pink Teaming: The Dilution of Pentesting

John Strand // There have been a few conversations at conferences and meet-ups over the past year or so about the validity of penetration testing. There are many things on […]

Read the entire post here

Author, Derek Banks, Physical, Red Team, Red Team Tools DIY, DuckHunter, HID attack, KALI, Kali Linux, Kali NetHunter, mobile hacking platform, Mobile Pentesting Platform, Nexus7, Rooted Nexus7

How to DIY a Mobile Hacking Platform – Kali NetHunter on a Rooted Nexus7

Derek Banks // As pentesters, it is probably not a surprise that we tend to make fairly heavy use of Kali Linux on a fairly regular basis. The folks at Offensive […]

Read the entire post here

InfoSec 201, Red Team, Social Engineering Family Tree Now, genealogy, OSINT, phishing, social engineering

Phishing Family Tree Now: A Social Engineering Odyssey

Joe Gray* // You may have heard about a new genealogy tool called Family Tree Now. It is a (seemingly) 100% free tool (more on that later) that allows you to […]

Read the entire post here

Author, Brian Fehrman, Red Team, Red Team Tools AV, AV bypass, AV vendors, ESET, Kaspersky, PowerOPS, PowerOPS Frameword, PowerShell, Tipping Cash Cows

Power Posing with PowerOPS

Brian Fehrman // As described in my last blog post, Powershell Without Powershell – How To Bypass Application Whitelisting, Environment Restrictions & AV (sheeesh…it’s been a bit!), we are seeing more environments in […]

Read the entire post here

00164_01232017_AndroidDevPenetrationTestingSetup3

Author, Joff Thyer, Mobile, Red Team

Android Dev & Penetration Testing Setup – Part 3: Installing the drozer Attack Framework

Joff Thyer // Editor’s Note: This is part 3 of a 3 part series. Part 1 discussed configuring your virtual machine engine and virtual hardware emulation. Part 2 covered installing Android […]

Read the entire post here

00162_01202017_AndroidDevPenetrationTestingSetup2

Author, Joff Thyer, Mobile, Red Team Android, Android Dev, mobile apps, Pentesting

Android Dev & Penetration Testing Setup – Part 2: Installing Android Studio

Joff Thyer // Editor’s Note: This is part 2 of a 3 part series. Part 1 discussed configuring your virtual machine engine and virtual hardware emulation. Part 2 (this part) covers […]

Read the entire post here

00161_01172017_AndroidDevPenetrationTestingSetup1

Author, Joff Thyer, Mobile, Red Team Android, Android Dev, mobile apps, Pentesting, pentesting mobile apps

Android Dev & Penetration Testing Setup – Part 1

Joff Thyer // Editor’s Note: This is part 1 of a 3 part series. Part 1 will discuss configuring your virtual machine engine and virtual hardware emulation. Part 2 covers installing […]

Read the entire post here

C2, Red Team C2, DNS C2, dnscat2, PowerShell, tunneling

PowerShell DNS Command & Control with dnscat2-powershell

Luke Baggett // Imagine a scenario where a Penetration Tester is trying to set up command and control on an internal network blocking all outbound traffic, except traffic towards a […]

Read the entire post here