Alternative Execution: A Macro Saga (part 1)
This is the first in a series of blogs – if you’re interested in reading the full series the links are here: part 1, part 2, part 3, part 4, […]
Red Team
DotNetToJScript – Redux
In my previous several blog posts (here, here, and here) we covered usage of a really interesting tool released about three years ago: the DotNetToJScript project (https://github.com/tyranid/DotNetToJScript). Although it’s been […]
Advanced TTPs – DotNetToJScript – Part 3
In our last blog we walked through modifying the UnmanagedPowerShell project to produce a version of PowerShellRunner that’s compatible with DotNetToJScript. The end goal in that blog was to execute […]
Advanced TTPs – DotNetToJScript – Part 2
Last time we went through an overview of the awesome DotNetToJScript project, and why you should be interested in it for your Red/Purple Team testing. In this blog we’ll cover […]
Advanced TTPs – DotNetToJScript (Part 1)
About three years ago Google Project Zero’s researcher James Forshaw released the excellent DotNetToJScript project (https://github.com/tyranid/DotNetToJScript). If you’re not familiar, it introduced an interesting method to reflectively load a .NET […]
Tales From The Red Team: Deploying Kali in Containers in Your Cloud
This is a story from one of our more recent Red Team engagements and what we did after gaining access to the target client’s environment. We breached the client’s perimeter […]
Tales From The Red Team: What the Heck is Virgo?
Our Red Team engagements generally start out as technical as possible. We start with OSINT and some light perimeter scanning to identify both human and technical targets, but we only […]
Red Teaming Guide | Part 1
So You Want a Red Team: The Primer In my former life, I was a member of an institutional Red Team at a Fortune 500 organization with several colleagues and […]