Hacking like APT
Lately, I’ve seen several announcements, presentations, and blog posts about “hacking like” Advanced Persistent Threat. This new wave of material focuses on mapping features in
Offense in Depth
I regularly receive emails along the lines of “I tried these actions and nothing worked. What am I doing wrong?” Hacking tools are not magical
Two Years of Fast and Easy Hacking
Today marks the two-year anniversary of the release of Armitage. My goal was to create a collaboration tool for exercise red teams. I wanted to show
Advanced Threat Tactics Training
I share a lot from my experiences playing on exercise red teams. I talk about the tactics to collaborate, persist on systems, and challenge network defenders
Dirty Red Team Tricks II at Derbycon 2.0
Last year, I spoke on Dirty Red Team Tricks at Derbycon. This talk was a chance to share what I had used at the Collegiate
Delivering custom payloads with Metasploit using DLL injection
I’m very interested in supporting alternative remote administration tools in Cobalt Strike. Meterpreter is awesome as an active RAT, but I need something less chatty
A loader for Metasploit’s Meterpreter
Recently, there was an interesting discussion on the metasploit-framework mailing list about the staging protocol for Meterpreter. egypt let loose with some wisdom about what
Covert VPN – Layer 2 Pivoting for Cobalt Strike
Currently, I’m debating a class of social engineering “packages” to force SMB requests against an attacker controlled system. Ideas include packages to generate LNK files,
Cobalt Strike 1.44 Update
Cobalt Strike 1.44/16 Aug 12 is now available. Here are some of the changes: This release also fixes several bugs, improves usability for a few Metasploit(r)
Cortana: real-time collaborative hacking… with bots
At BSides Las Vegas, I talked about Force Multipliers for Red Team Operations. In this talk, I shared several stories about how my evil bots stole passwords,