Recent Red Team Posts

  • Offensive SCCM Summary
    This article aims to summarise the currently available tooling (August 2023), as well as the attack vectors which are present. My previous article covers the basics of SCCM and how to configure an SCCM lab from scratch. In summary, I …
  • BloodHound & Cypher Language
    A look at the more complex features of BloodHound’s Cypher query language, with several examples of how it can be used to audit an environment.
  • BloodHound Basics
    A quick primer on the basics of BloodHound, the well-known Active Directory auditing tool.
  • Attacking Password Managers: LastPass
    A look into how browser-based password managers such as LastPass can be attacked via various methods.
  • RedTeamNotes: Combining Notes & Graphs!
    A quick look at a note-taking application I built whilst doing CRTO as a means of representing my notes in a directed graph to aid with red teaming.
  • Digging Into Mimikatz’s lsadump And sekurlsa
    Mimikatz is a tool which has always surprised me with how many functions and features it has. In this post I dig into the lsadump and sekurlsa functions to see what all of the modules do.
  • OffSecOps: Using Jenkins For Red Team Tooling
    A quick look at how Jenkins can be used to automatically build payloads and tooling, based on the OffSecOps talk by Harmj0y.