Blog: WinRM is my Remote Access Tool
One of my favorite blog posts last year was Adversary Tricks and Treats from CrowdStrike. In this post, CrowdStrike details the tradecraft of an actor

Blog: Models for Red Team Operations
Recently, I had an email from someone asking for a call to discuss different models of red team operations. This gentleman sees his team as

Blog: How to Pass-the-Hash with Mimikatz
I’m spending a lot of time with mimikatz lately. I’m fascinated by how much capability it has and I’m constantly asking myself, what’s the best

Blog: An unnecessary addiction to DNS communication
I regularly hear stories from my users about how they got past a tough situation and had success that they claim was not possible without

Blog: 2015’s Red Team Tradecraft
“There is a theory which states that if ever anyone discovers exactly what the Universe is for and why it is here, it will instantly

Blog: User-defined Storage-based Covert Communication
One of my favorite Cobalt Strike technologies is Malleable C2. This is a domain specific language for user-defined storage-based covert communication. That’s just a fancy

Blog: So, you won a regional and you’re headed to National CCDC
The 2015 National CCDC season started with 100+ teams across 10 regions. Now, there are 10 teams left and they’re headed to the National CCDC

Blog: Reverse Port Forward through a SOCKS Proxy
I had a friend come to me with an interesting problem. He had to get a server to make an outbound connection and evade some

Blog: Training Recommendations for Threat Emulation and Red Teaming
A few weeks ago, I had someone write and ask which training courses I would recommend to help set up a successful Red Team program. If

Blog: The First Five Minutes
March and April are CCDC season. This is the time of the year when teams of college students get to compete against each other as