Sniffing out password reuse

Beau Bullock // Overview HostRecon is a tool I wrote in PowerShell to assist with quickly enumerating a number of items that I would typically check after gaining access to […]

In this post, I will cover how to manipulate file times on the Windows OS with a proof-of-concept tool and show examples of detection.

Posted by James Forshaw, Google Project Zero I've recently been adding native user-mode debugger support to NtObjectManager . Whenever ...

Praetorian's public release of our Metasploit automation of MITRE ATT&CK™ TTPs - praetorian-inc/purple-team-attack-automation

Using the Service Control Manager and built-in services for lateral movement.

WMImplant is a powerful PowerShell based tool that enables its users to conduct nearly any post-exploitation action and exclusively using WMI to do so. We’ve blogged about out-of-the-box detection opportunities for WMImplant, how to copy files, searching…

Introduction Ok, I have a confession to make, I have always been somewhat intrigued by egghunters. That doesn't mean that I like to use (or abuse) an egghunter just because I fancy what it does. In fact, I believe it's a good practise to try to avoid egghunters…

Learn more about how to safeguard your company through our educational blog posts on everything from updated tech to the newest scams infiltrating organizations today.

Zone transfers are a classical way of performing reconnaissance in networks (or even from the internet). They require an insecurely configured DNS server that allows anonymous users to transfer all records and gather information about host in the network.…

The first in the new series of streams! We're building a .NET Meterpreter implementation from scratch. In this stream, we're just going over what's…

In this post we will discuss the design and implementation of peer-to-peer command and control protocols in general, as well as the…

Deploying Covenant

Code injection, evasion