Malleable Command and Control (C2) profiles provide red teamers and penetration testers with a wealth of options to modify how Cobalt…

In this blog post, we will cover HTTPS domain fronting Google hosts (google.com, mail.google.com, etc.) using Cobalt Strike.

A command kill chain consists of payload delivery, code execution on a target system, and establishing a command and control (C2) channel outside of a network. There are many ways to achieve each of these steps; for example, Microsoft Office Macro for delivery…

之前一直想下载3.8，但是没下载到，看到小伙伴留言发了一个试用版的链接（安全性未知）。链接：戳我 然后就下载了一下,发现这个并不是破解版。如下图: 所以就对其进行了简单的修改，并把方法分享给大家，以便大家使用。首先，对cobaltstrike.jar进行解压，解压以后找到common\License.class,使用jad进行反编译。12C:\Users\evi1cg\Desktop\jad>ja

A cobaltstrike noscript that integrates DDEAuto Attacks - GitHub - p292/DDEAutoCS: A cobaltstrike noscript that integrates DDEAuto Attacks

Joff Thyer // If you have been penetration testing a while, you likely have ended up in a Red Team situation or will be engaged in it soon enough. From […]

Penetration tests and red team assessments often require operators to work multiple potential attack paths or perform multiple checks concurrently. Cultivating these myriad paths is what often leads operators to success in achieving their objectives. However…

　　大家好，我是Alex。今天教大家使用tor来完成隐匿攻击，这个思路极其猥琐。这样的骚操作已经有前辈做过了，以下为参考链接。 　　https://evi1cg.me/archives/Tor_Fronting.html 　　https://www.youtube.com/wat

Author: @vysecurity

Active Directory as a C2 Really ? I was amazed when i read a blog post on AD as a C2 on @Harmj0y’s blog. Curiosity grew into me and wanted to explore it in my lab setup. Why AD as a C2? Activ…

Rhino Security Labs shows how Amazon's AWS APIs can be used for malware C2, subverting blocking and monitoring with a malware channel that uses AWS APIs.

Aggressor Script to launch IE driveby for CVE-2018-4878 - vysecurity/CVE-2018-4878

Opening CobaltStrike to a wider world. Contribute to truekonrads/bigear development by creating an account on GitHub.

My blog has moved: https://vincentyiu.co.uk