Written by Rindert Kramer Introduction A while back during a penetration test of an internal network, we encountered physically segmented networks. These networks contained workstations joined to t…

C2concealer is a python3 command-line tool that generates c2 malleable profiles for use with Cobalt Strike. Looking to get up and running quick? Code is available here. C2concealer: what's the story?Red team assessments and penetration tests involve a ton…

بسم الله الرحمن الرحيم

We write about Windows Internals, Hypervisors, Linux, and Networks.

Starting April 6th, SpecterOps will be presenting a week of webinars while we collectively work from home in response to Covid-19. Each day is a different 30 minute talk given by one of our experts from our Adversary Simulation, Detection, and Adversary Resilience…

Estimated Reading Time: 4 minutes After months of releasing the first version of Octopus, I’m more than glad to announce that the stable version of Octopus is out! During the past few months, I worked with talented people to enhance Octopus capabilities and…

CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost - danigargu/CVE-2020-0796

IoTGoat is a deliberately insecure firmware created to educate software developers and security professionals with testing commonly found vulnerabilities in IoT devices. - OWASP/IoTGoat

NTLM relay is a technique of standing between a client and a server to perform actions on the server while impersonating the client. Protections such as SMB signing or MIC allow to limit the actions of an attacker. This article goes into detail about this…

While Kubernetes has many advantages, it also brings new security challenges.

What if I told you that all editions of Windows Server, from 2008R2 to 2019, are prone to a DLL Hijacking in the %PATH% directories? What if I also told you that the impacted service runs as NT AUTHORITY\SYSTEM and that the DLL loading can be triggered by…

Over the past year, the security community - specifically Red Team Operators and Blue Team Defenders - have seen a massive rise in both public and private utilization of System Calls in windows malware for post-exploitation activities, as well as for the…

Bypass AMSI and Defender using Ordinal Values. Contribute to rmdavy/AMSI_Ordinal_Bypass development by creating an account on GitHub.