Man-in-the-Browser Session Hijacking
Malware like Zeus and its variants inject themselves into a user’s browser to steal banking information. This is a man-in-the-browser attack. So-called, because the attacker
Reverse Meterpreter Connect-backs through a Compromised Host
<update 03:30pm> I’ve had some feedback that this post describes a concept that is too basic to put into blog form. I can see where this
Cobalt Strike 1.48 – Peer-to-peer C&C
Iām pleased to announce Cobalt Strike 1.48. This release introduces a peer-to-peer data channel for Beacon, improves browser pivoting, and updates the signed applet attack with
Evade Egress Restrictions with Staged Payloads
Sometimes, it’s easy to get code execution in a network, but very difficult to egress out of it. When you are an external actor trying
Schtasks Persistence with PowerShell One Liners
One of my favorite Metasploit Framework modules is psh_web_delivery. You can find it in exploits -> windows -> misc. This module starts a local web
Getting the Most from Armitage’s Console
I have a philosophy. Armitage should make common actions simple and efficient. As soon as you need to break away into an uncommon action, use
Tradecraft – Red Team Operations Course and Notes
A few days ago, I posted the YouTube playlist on Twitter and it’s made a few rounds. That’s great. This blog post properly introduces the
The ACE Problem Solving Method (I use this)
The reason I’m in security today is because of the US Air Force’s Advanced Course in Engineering Cyber Security internship program. I turned down an internship at
Email Delivery – What Pen Testers Should Know
I get a lot of questions about spear phishing. There’s a common myth that it’s easy to phish. Start a local mail server and have your hacking
What’s in a Team Server?
Clients (like Armitage) interface with the Metasploit Framework through its Remote API. The Remote API is a way for clients to call functions in the