-
Diagrams: Timelines
Aren’t timelines great?! Anyone who has spoken with me will know that I am a huge fan of diagrams as a way of breaking down complex topics into easier to understand concepts. Over the past few months and years at $dayjob, I have produced a number of diagrams during the reporting phase of our internal […]
-
Attacking Password Managers: KeePass
In this two-part blog post, Ill be taking a look into attacks password managers to improve my knowledge on techniques which can be used against them. To start with, I will take a look at local password managers by looking at the sort of techniques which can be used against KeePass. The second post covers […]
-
Shodan 201: Rummaging Around The Internet
Shodan is a well known resource which is one of my go to tools for OSINT and technical enumeration. This post will cover how we can use Shodan filters in a slightly more advanced way to hunt for resources. I will start by covering some of the basics, before diving into filters and then ending […]
-
Hack The Boo
Hack The Boo was a Halloween themed CTF from Hack The Box. I could only dedicate a few hours to this, but still managed to solve 3 machines. Below is a quick writeup on the machines I did: Evaluation Deck First off, I downloaded the supplied files from the CTF site /conf/supervisord.conf shows that we […]
-
RedTeamNotes: Combining Notes & Graphs!
Intro RedTeamNotes started as a mini project to try and make a better note taking application than what was currently available. The big issue for me with apps such as Obsidian or OneNote was that whilst they have great note taking capability, they struggle to show how different notes relate to each other – unless […]
-
SharpRDPHijack: RDP Session Hijacking
Overview SharpRDPHijack by Bohops is a tool which has sat in my Twitter likes for far, far too long! In this article I am going to dig into SharpRDPHijack, as well as some alternate tooling which can also be used to perform RDP session hijacking. This technique is covered by MITRE ATT&CK under T1563.002. For […]
-
Digging Into Mimikatz’s lsadump And sekurlsa
Overview Initially, my aim with this post was to dig into Mimikatz in greater detail. I had used its more common functions during CRTO and OSCP, but had never explored its more exotic features in any depth. Mimikatz is an enormous tool, so I focused on the lsadump and sekurlsa functions, as they are commonly […]
-
OffSecOps: Using Jenkins For Red Team Tooling
Origin The inspiration for this post came from the excellent talk by Harmj0y at SO-CON 2020. I have been meaning to dig into using Jenkins to automate the building of red team tooling for some while now, but having recently completed the RTO exam, I felt it was time to have a play! The Gist […]
-
Certified Red Team Operator (CRTO) Review
Intro Having recently passed the CRTO course by RastaMouse, I felt it was only right to write a little review on it. Typically, the course has changed slightly since I sat it, with the labs now using Elastic Security in place of Splunk. Aside from this I believe the course is practically the same. TL:DR […]