proc_inj_win_thr_pool.pdf
#Red_Team_Tactics
Black Hat Europe 2023:
"New Process Injection Techniques Using Windows Thread Pools".
]-> https://github.com/SafeBreach-Labs/PoolParty
]-> https://www.safebreach.com/blog/process-injection-using-windows-thread-pools
Windows rootkit development for red teaming and adversary emulation
Excellent series by
@Idov31
Part 1:
https://idov31.github.io/2022/07/14/lord-of-the-ring0-p1.html
Part 2:
https://idov31.github.io/2022/08/04/lord-of-the-ring0-p2.html
Part 3:
https://idov31.github.io/2022/10/30/lord-of-the-ring0-p3.html
Part 4:
https://idov31.github.io/2023/02/24/lord-of-the-ring0-p4.html
Part 5:
https://idov31.github.io/2023/07/19/lord-of-the-ring0-p5.html
−−−−−−−−−−−−−−−−−−−−−−
#windows , #infosec , #rootkit , #red_team , #adversary_emulation
How to Leverage Internal Proxies for Lateral Movement, Firewall Evasion, and Trust Exploitation
https://practicalsecurityanalytics.com/how-to-leverage-internal-proxies-for-lateral-movement-firewall-evasion-and-trust-exploitation
#red_team ,#lateral_movemnt
--------
@islemolecule_source
Microsoft has observed a subset of Iran-based threat actor Mint Sandstorm (PHOSPHORUS) employing new TTPs to improve initial access, defense evasion, and persistence in campaigns targeting individuals at universities and research orgs.
https://www.microsoft.com/en-us/security/blog/2024/01/17/new-ttps-observed-in-mint-sandstorm-campaign-targeting-high-profile-individuals-at-universities-and-research-orgs/
#TTP , #red_team
———
@islemolecule_source
Event Log Tampering.
[ 1 ] Disrupting the EventLog Service
[ 2 ] Manipulating Individual Event Logs
[ 3 ] Combining Techniques
#red_team , #windows_internls
———
@islemolecule_source
I am working on a #red_team course. There are 3 prerequisites. The course is based on MITRE tactics and I'm working on the simulations on techniques labs/material.
I am happy to hear your comments
credit : @soheilsec
https://gist.github.com/soheilsec/8310eea7913de6457f0dd89614fd843c
An Introduction to Bypassing User Mode EDR Hooks.
malwaretech.com/2023/12/an-i…
#EDR , #red_team #windows_internls
———
@islemolecule_source
Red team road map
Intern / junior / medium / senior
Red team needed concepts
Credit : Sohiel Hashemi
https://xmind.app/m/9Zcnkq
#red_team ,
———
@islemolecule_source
C2 Development Series 4/4
credit : @preemptdev
[ 01 ] Introduction
[ 02 ] The C2 Architecture
[ 03 ] Building the Team Server
[ 04 ] Writing a C2 Implant
#C2 , #red_team ,
———
@islemolecule_source
A Trip Down Memory Lane
Antivirus evasion has quickly become one of the most overwritten topics, with endless articles on writing shellcode loaders and other evasive stageless droppers.
https://gatari.dev/posts/a-trip-down-memory-lane/
credit : @gatariee
#AV , #red_team