Resources

A Red Teamer Plays with JARM
I spent a little time looking into Saleforceā€™s JARM tool released in November. JARM is an active tool to probe the TLS/SSL stack of a listening
Fighting the Toolset
What happens when your advantages become a disadvantage? That’s the theme of Fighting the Toolset. This lecture discusses Offensive PowerShell, staging, memory-injected DLLs, and remote
In-Memory Evasion
Many analysts and automated solutions take advantage of various memory detections to find injected DLLs in memory. Memory detections look at the properties (and content)