During attack Simulation, you may face Symantec Email Security Cloud (Message Lab ) while conducting a phishing campaign. Message Lab stops known and unknown techniques while delivering malicious email content. The Email Security.cloud service helps organizations combat these threats through advanced perimeter defenses and our proprietary SkepticTM technologies. Operating at the Internet level with automatic … Read more
In this blog, I am going to explain some of the unique features of 0xsp mongoose, which I am sure most of the red teamers still didn’t try to explore the powerful tactics of this framework. so take a chance to spend 2 minutes to read these two unique features Lateral movements Lateral movement refers … Read more
Gathering information Stage port scanning Nmap Network exploration tool and security/ port scanner nmap [Scan Type] [Options] {target specification} HOST DISCOVERY: -sL: List Scan – simply list targets to scan -sn/-sP: Ping Scan – disable port scan -Pn: Treat all hosts as online — skip host discovery SCAN TECHNIQUES: -sS/sT/sA/sW/sM: TCP SYN/Connect()/ACK/Window/Maimon scans -sU: UDP … Read more
introduction DNS is one of the core services of the current Internet. It is used not only for obvious benign purposes but also for malicious use. For example, we can see its usage in botnet command and control servers (C&C), phishing sites, or download sites with malicious code. DNS exfiltration is the unauthorized transfer of … Read more
Introduction Recently Mailgun security team published an article on their blog warning internet users about new scammed email messages targeting users and describing how much these messages are becoming legitimate and even making it worse for users to know if it is legitimate or fake. While I was reading some of the received emails, I … Read more
Introduction During red teaming operation, Lateral movement or known as an east-west movement refers to the technique to move deeper into a network. Such an attack allows a threat actor to avoid detection and retain persistent access. This newly published research explains how to take advantage of windows services, it details how to mimic windows … Read more
There is more? Recently a Security researcher @jonhat discovered a zero-day vulnerability in the plug-and-play Razer Synapse installation that allows users to gain SYSTEM privileges on a Windows device quickly. by plugging the Razer mouse into the system, windows 10 will download the suitable software and start the process of driver installation. Since the process … Read more
through a red teaming assessment you may face some of the restrictions due to policy enforcement / EDR / app whitelisting ..etc., so in this article, I am going to cover most of the techniques that may be useful to bypass environment restrictions abusing writable paths on some of the windows ten builds there are … Read more
Intro Gophish is a powerful, easy-to-use, open-source phishing toolkit meant to help pentesters and businesses conduct real-world phishing simulations. This user guide introduces Gophish and shows how to use the software, building a complete campaign from start to finish. the usage of gophish and very neat installation procedures inspired by note post on ired.team blog … Read more
Intro XLM (macro 4.0 ) is considered an excellent technique for red team operations since XLM is challenging to analyze and makes it hard for anti-virus solutions to detect it. In contrast, most of anti-virus engines will detect VBA. It seems natural to bypass primary anti-virus, but it is challenging to beat enterprise solutions that … Read more
