A look at the more complex features of BloodHound's Cypher query language, with several examples of how it can be used to audit an environment.
Author: HTTP418
BloodHound Basics
A quick primer on the basics of BloodHound, the well-known Active Directory auditing tool.
Diagrams: Timelines
Ever wanted to make better diagrams and timelines for your red team reports? I will cover some ideas on how to better structure them.
Attacking Password Managers: LastPass
A look into how browser-based password managers such as LastPass can be attacked via various methods.
Attacking Password Managers: KeePass
A look into how client-based password managers such as KeePass can be attacked via various methods.
Shodan 201: Rummaging Around The Internet
Some tips and tricks for how to use Shodan and its powerful filters to accurately query the internet!
Hack The Boo
Hack The Boo was a Halloween-themed CTF from Hack The Box. I could only dedicate a few hours to this, but still managed to solve 3 machines. Below is a quick writeup on the machines I did: Evaluation Deck. First off, I downloaded the supplied files from the CTF site. /conf/supervisord.conf shows that we …
RedTeamNotes: Combining Notes & Graphs!
A quick look at a note-taking application I built whilst doing CRTO as a means of representing my notes in a directed graph to aid with red teaming.
SharpRDPHijack: RDP Session Hijacking
A look at RDP session hijacking using SharpRDPHijack, Mimikatz and TSCon. This technique allows us to interact with disconnected RDP sessions.
Digging Into Mimikatz’s lsadump And sekurlsa
Mimikatz is a tool which has always surprised me with how many functions and features it has. In this post I dig into the lsadump and sekurlsa functions to see what all of the modules do.