Offensive IoT for Red Team Implants – Part 1
This is part one of a multipart blog series on researching a new generation of hardware implants and how using solutions from the world of IoT can unleash new capabilities. […]
Red Team Tools
Wishing: Webhook Phishing in Teams
Quick Jump: In the constantly evolving landscape of cybersecurity, it is common to see features designed for convenience lead to negative cybersecurity consequences. Microsoft Teams, an essential tool for corporate […]
Introducing GraphRunner: A Post-Exploitation Toolset for Microsoft 365
By Beau Bullock & Steve Borosh TL;DR We built a post-compromise toolset called GraphRunner for interacting with the Microsoft Graph API. It provides various tools for performing reconnaissance, persistence, and […]
Abusing Active Directory Certificate Services – Part 2
| Alyssa Snow Misconfigurations in Active Directory Certificate Services (ADCS) can introduce critical vulnerabilities into an Enterprise Active Directory environment, such as paths of escalation from low privileged accounts to […]
Abusing Active Directory Certificate Services – Part One
| Alyssa Snow Active Directory Certificate Services (ADCS)1 is used for public key infrastructure in an Active Directory environment. ADCS is widely used in enterprise Active Directory environments for managing […]
PNPT: Certification Review
Daniel Pizarro // What is the PNPT? The Practical Network Penetration Tester (PNPT), created by TCM Security (TCMS), is a 5-day ethical hacking certification exam that assesses a pentester’s ability […]
Avoiding Memory Scanners
Kyle Avery // Introduction This post compliments a presentation I gave at DEF CON 30 – “Avoiding Memory Scanners: Customizing Malware to Evade YARA, PE-sieve, and More,” which included the […]
Windows Event Logs for Red Teams
Tim Fowler // Do you know what could be lurking in your Windows event logs? In May of 2022, I was sent a Threat Post article about a new technique […]