Blog Cobalt Strike 3.0 – Advanced Threat Tactics Cobalt Strike’s mission is to help security professionals emulate “advanced threat tactics” during their engagements. I’ve executed on this since the product’s 2012 release. Cobalt
Blog Rethinking Reporting for Red Team Operations Cobalt Strike 3.0 is coming in a few weeks. This upcoming release is the result of a large engineering effort that paralleled my existing efforts
Blog Raphael’s Magic Quadrant BlackHat is about to start in a few days. I think this is an appropriate time to share a non-technical, business only post. There is
Blog Cobalt Strike 2.5 – Advanced Pivoting I spend a lot of my red time in the Access Manager role. This is the person on a red team who manages callbacks for
Blog WinRM is my Remote Access Tool One of my favorite blog posts last year was Adversary Tricks and Treats from CrowdStrike. In this post, CrowdStrike details the tradecraft of an actor
Blog Models for Red Team Operations Recently, I had an email from someone asking for a call to discuss different models of red team operations. This gentlemen sees his team as
Blog How to Pass-the-Hash with Mimikatz I’m spending a lot of time with mimikatz lately. I’m fascinated by how much capability it has and I’m constantly asking myself, what’s the best
Blog An unnecessary addiction to DNS communication I regularly hear stories from my users about how they got past a tough situation and had success that they claim was not possible without
Blog 2015’s Red Team Tradecraft “There is a theory which states that if ever anyone discovers exactly what the Universe is for and why it is here, it will instantly
Blog So, you won a regional and you’re headed to National CCDC The 2015 National CCDC season started with 100+ teams across 10 regions. Now, there are 10 teams left and they’re headed to the National CCDC