Tags
Browse posts by topic
#active-directory (2)
PowerShell Active Directory Enumeration Without RSAT
RSAT isn't always available and importing PowerView raises flags. This post covers native PowerShell techniques for enumerating Active Directory — users, gro...
Do You Trust GPO Trustees?
Introduction Group Policy Objects (or GPOs) are a valuable and necessary pillar of any Windows-based organization. They enforce various rules and definitions...
#automation (1)
Automating Recon with Python: A Practical Primer
Manual reconnaissance is slow and inconsistent. This post walks through building a basic but solid Python script that automates subdomain enumeration, port s...
#blue-team (4)
When Computer Says Yes (automatically): Understanding UAC Auto-Elevation – Part 2/2
How Attackers Abuse Auto-Elevation As we’ve previously mentioned, auto-elevation doesn’t grant magical powers to every user; a standard (non-admin) user cann...
When Computer Says Yes (automatically): Understanding UAC Auto-Elevation – Part 1/2
Windows systems have long wrestled with the balance between usability and security; we joke about how every other version of Windows is “the bad version”, wh...
Do You Trust GPO Trustees?
Introduction Group Policy Objects (or GPOs) are a valuable and necessary pillar of any Windows-based organization. They enforce various rules and definitions...
BASk in The Glory of Breach & Attack Simulations?
Introduction One of the most popular (and “sexy”) fields in cyber-security is the field of penetration testing (or “pen-testing” \ “PT” for short); it is als...
#c (1)
Windows Shellcode Injection: A Technical Reference
A technical reference covering the most common process injection techniques used in Windows malware — VirtualAllocEx/WriteProcessMemory, APC injection, early...
#enumeration (1)
PowerShell Active Directory Enumeration Without RSAT
RSAT isn't always available and importing PowerView raises flags. This post covers native PowerShell techniques for enumerating Active Directory — users, gro...
#evasion (1)
EDR Evasion Using Indirect Memory Writing
Throwback to college When I started my Bachelor’s Degree in Computer Science, one of our first courses was an introduction to C++, where we learned all about...
#injection (1)
Windows Shellcode Injection: A Technical Reference
A technical reference covering the most common process injection techniques used in Windows malware — VirtualAllocEx/WriteProcessMemory, APC injection, early...
#malware-analysis (1)
Windows Shellcode Injection: A Technical Reference
A technical reference covering the most common process injection techniques used in Windows malware — VirtualAllocEx/WriteProcessMemory, APC injection, early...
#powershell (1)
PowerShell Active Directory Enumeration Without RSAT
RSAT isn't always available and importing PowerView raises flags. This post covers native PowerShell techniques for enumerating Active Directory — users, gro...
#python (1)
Automating Recon with Python: A Practical Primer
Manual reconnaissance is slow and inconsistent. This post walks through building a basic but solid Python script that automates subdomain enumeration, port s...
#recon (1)
Automating Recon with Python: A Practical Primer
Manual reconnaissance is slow and inconsistent. This post walks through building a basic but solid Python script that automates subdomain enumeration, port s...
#red-team (4)
EDR Evasion Using Indirect Memory Writing
Throwback to college When I started my Bachelor’s Degree in Computer Science, one of our first courses was an introduction to C++, where we learned all about...
PowerShell Active Directory Enumeration Without RSAT
RSAT isn't always available and importing PowerView raises flags. This post covers native PowerShell techniques for enumerating Active Directory — users, gro...
Do You Trust GPO Trustees?
Introduction Group Policy Objects (or GPOs) are a valuable and necessary pillar of any Windows-based organization. They enforce various rules and definitions...
BASk in The Glory of Breach & Attack Simulations?
Introduction One of the most popular (and “sexy”) fields in cyber-security is the field of penetration testing (or “pen-testing” \ “PT” for short); it is als...
#reverse-engineering (1)
Windows Shellcode Injection: A Technical Reference
A technical reference covering the most common process injection techniques used in Windows malware — VirtualAllocEx/WriteProcessMemory, APC injection, early...
#shellcode (1)
Windows Shellcode Injection: A Technical Reference
A technical reference covering the most common process injection techniques used in Windows malware — VirtualAllocEx/WriteProcessMemory, APC injection, early...
#threat-hunting (1)
Hunting for Service Executable Hijacking
Prologue In a recent Red Team engagement my organization had, the penetration testers managed to laterally move to a Windows endpoint; since they didn’t have...
#uac (2)
When Computer Says Yes (automatically): Understanding UAC Auto-Elevation – Part 2/2
How Attackers Abuse Auto-Elevation As we’ve previously mentioned, auto-elevation doesn’t grant magical powers to every user; a standard (non-admin) user cann...
When Computer Says Yes (automatically): Understanding UAC Auto-Elevation – Part 1/2
Windows systems have long wrestled with the balance between usability and security; we joke about how every other version of Windows is “the bad version”, wh...
#velociraptor (1)
Hunting for Service Executable Hijacking
Prologue In a recent Red Team engagement my organization had, the penetration testers managed to laterally move to a Windows endpoint; since they didn’t have...
#windows (1)
Windows Shellcode Injection: A Technical Reference
A technical reference covering the most common process injection techniques used in Windows malware — VirtualAllocEx/WriteProcessMemory, APC injection, early...