Navigating Embedded Payload Extraction from RDP Files – Defence evasion

Introduction This blog post explores how to embed a malicious payload into an RDP configuration file. By leveraging the innate properties of the file extension and specific RDP configuration parameters, I have successfully injected malicious content without impeding the file's intended functionality. Today's topic delves into the technical details of this defense evasion technique and …

Abuse Cloudflare Zerotrust for C2 channels

What is Zero Trust Security? Zero Trust security is an IT security model that requires strict identity verification for every person and device trying to access resources on a private network, regardless of whether they are sitting within or outside of the network perimeter. ZTNA is the main technology associated with Zero Trust architecture, but Zero Trust is a holistic …

Bypass restricted command prompt for non-privileged users

Intro The Windows Command Prompt (sometimes called the DOS prompt) is a tool that allows administrators to invoke system-wide commands to make administration easier and more efficient. The average user has little use for this tool. Many administrators prevent users from having a command prompt enabled for their access, as this is considered good practice …

Bypass Symantec Email Security.cloud

During an attack simulation, you may face Symantec Email Security.cloud (MessageLabs) while conducting a phishing campaign. MessageLabs stops known and unknown techniques used to deliver malicious email content. The Email Security.cloud service helps organizations combat these threats through advanced perimeter defenses and its proprietary Skeptic technologies. Operating at the Internet level with automatic …

Gophish on Digital Ocean with Blacklist Range

Intro Gophish is a powerful, easy-to-use, open-source phishing toolkit meant to help pentesters and businesses conduct real-world phishing simulations. This user guide introduces Gophish and shows how to use the software, building a complete campaign from start to finish. The usage of Gophish and the very neat installation procedure are inspired by a post on the ired.team blog …

Red team cheat sheet

Recon Elevation of Privileges General Kerberoast – For Kerberos to work, clocks have to be within 5 minutes of each other between attacker and victim. Juicy Potato Exploit https://github.com/ohpe/juicy-potato/releases Pick one CLSID from here according to your system https://github.com/ohpe/juicy-potato/tree/master/CLSID Required tokens SeAssignPrimaryTokenPrivilege SeImpersonatePrivilege Stored Credentials Impersonating Tokens with Meterpreter Lateral Movement PsExec, SmbExec, WMIExec, RDP, PTH in general. …