I’m very interested in supporting alternative remote administration tools in Cobalt Strike. Meterpreter is awesome as an active RAT, but I need something less chatty to hold my accesses when I’m not using them. I plan to talk about about this in my upcoming Dirty Red Team Tricks II talk. In this post, I’d like […]
Read More… from Delivering custom payloads with Metasploit using DLL injection
Recently, there was an interesting discussion on the metasploit-framework mailing list about the staging protocol for Meterpreter. egypt let loose with some wisdom about what it would take to write a client to download and execute a payload from a Metasploit Framework multi/handler. mihi completed the discussion by advising where to place the socket value, […]
Currently, I’m debating a class of social engineering “packages” to force SMB requests against an attacker controlled system. Ideas include packages to generate LNK files, host a WPAD server, etc. This created a bit of an identity crisis though. I see Cobalt Strike as a tool for a penetration tester to emulate the capabilities of a motivated […]
Read More… from Covert VPN – Layer 2 Pivoting for Cobalt Strike
At BSides Las Vegas, I talked about Force Multipliers for Red Team Operations. In this talk, I shared several stories about how my evil bots stole passwords, instantly installed back doors, and generally wreaked havoc on college students defending (sometimes) unpatched systems. Today, Iād like to introduce you to the technology behind this havoc: Cortana. You may know Armitage: a […]
Read More… from Cortana: real-time collaborative hacking… with bots
James Webb has an interesting blog post on how to use Armitage to manage a pen test through Amazon’s Elastic Computing Cloud. He does a good job articulating the benefits which include using Amazon’s EC2 to test your security from an outside in perspective or using it as a central point for a distributed red […]
Read More… from Use Armitage and Cobalt Strike on Amazon’s EC2
Last week, I received a grant from DARPA through the Cyber Fast Track program. I consider this a big milestone in my personal career. If you’re an independent researcher or entrepreneur, bent on making your ideas real, then this program is for you. This blog post will give you my experience applying and getting funded […]