Blog

What’s in a Team Server?
Clients (like Armitage) interface with the Metasploit Framework through its Remote API. The Remote API is a way for clients to call functions in the
How to Inject Shellcode from Java
Cobalt Strike’s Java Applet attacks inject shellcode into memory. Injecting into memory is valuable as it helps get past application whitelisting and can help evade
Red Team Data Collection
In 2011, I participated in an exercise. The exercise ran for 60 hours straight, forcing the red team to work in shifts. The event was
Goading Around Firewalls
Last weekend, I was enjoying the HackMiami conference in beautiful Miami Beach, FL. On Sunday, they hosted several hacking challenges in their CTF room. One
Red Team Training at BlackHat USA
Before developing Cobalt Strike, I conducted interviews with several penetration testing practitioners. I wanted to dig into their process, the tools they used, the gaps