#redteam
We need more #RedTeam thinking to contemplate the effects: https://sampathpanini.medium.com/genetic-privacy-6c4fbe0286ab
https://mega.nz/file/El5CQIZJ#J0eO0EQuJfLvGIxPSYE0pWeTE74p7gCW4e2WjGXrj34
( This is the final episode to radio freek amerika )
@thegreatape
@Soy_Magnus
( this episode features @textfiles )
Cybersecurity Resources and Learning Journey
https://github.com/MrM8BRH/CRLJ
#roadmap #osint #ddos #hacking #cybersecurity #penetration_testing #BlueTeam #RedTeam #PurpleTeam #cybersecurity_education #cybersecurity_resources #soc_analyst #ThreatHunting #DFIR
🚨 Last Chance Alert! 🚨
Today is the FINAL DAY to sign up for Advanced Threat Emulation: Red Teams! Don't miss this opportunity to elevate your cybersecurity skills. The class begins TOMORROW!
https://www.bc-security.org/event/advanced-threat-emulation-red-teams-8/
#cybersecurity #RedTeam #infosec
Intro to Linux red teaming basic techniques
Exploitation: https://linode.com/docs/guides/linux-red-team-exploitation-techniques/
Escalation: https://linode.com/docs/guides/linux-red-team-privilege-escalation-techniques/
Persistence: https://linode.com/docs/guides/linux-red-team-persistence-techniques/

A look at the mythical C2 framework Mythic. Part 1
Greetings to all, this is the AP Security cybersecurity lab. In this article we continue our series on C2 frameworks. This time we will study a relatively new framework called Mythic. Enjoy the read!
Tricard - Malware Sandbox Fingerprinting: https://therealunicornsecurity.github.io/Tricard/ #redteam
The Elastic Container Project for Security Research - https://www.elastic.co/security-labs/the-elastic-container-project #redteam
Flying Under The Radar – An Introductory Guide To Bypassing Microsoft Defender For Identity Detections - https://www.whiteoaksecurity.com/blog/bypassing-microsoft-defender-for-identity-detections/ #redteam
Nettitude Labs (@nettitude_labs) just released Tartarus-TpAllocInject, a loader for bypassing Endpoint Detection and Response (EDR) solutions using the Tartarus' Gate method.
💥https://github.com/nettitude/Tartarus-TpAllocInject :github:
This is a simple loader that uses indirect syscalls via the Tartarus' Gate method. This loader executes shellcode with a known WINAPI, CreateThreadPoolWait, but I have changed things a little bit and instead, I call the underlying Tp* APIs from Ntdll.dll.
Method evolution:
Tartarus' Gate
⬆️ Halo's Gate
⬆️ Hell's Gate
avred - Analyse your malware to surgically obfuscate it: https://github.com/dobin/avred #redteam
Stealth operations: The evolution of GitLab's Red Team: https://about.gitlab.com/blog/2023/11/20/stealth-operations-the-evolution-of-gitlabs-red-team/
Creating an OPSEC safe loader for Red Team Operations - https://labs.nettitude.com/blog/creating-an-opsec-safe-loader-for-red-team-operations/ #redteam
In #Next: researchers have devised a technique for extracting ChatGPT's training data
#IA #redteam
https://next.ink/118351/extraction-donnees-entrainement-ia-generatives-attaque-chatgpt/
Mythic v3.2 Highlights: Interactive Tasking, Push C2, and Dynamic File Browser: https://posts.specterops.io/mythic-v3-2-highlights-interactive-tasking-push-c2-and-dynamic-file-browser-7035065e2b3d #redteam
How GitLab's Red Team automates C2 testing - https://about.gitlab.com/blog/2023/11/28/how-gitlabs-red-team-automates-c2-testing/ #redteam
Red Team Maturity: Measuring, Reporting On, and Planning For Red Team Maturity #redteam
https://www.redteammaturity.com/release-blog

What are the odds I know someone with both a Sparrows Chaos Card and a pair of digital calipers?
🪲NtlmThief: Extracting NetNTLM without touching lsass.exe
👉 a C++ implementation of the Internal Monologue attack
👉 It allows to get NetNTLM hashes of users using SSPI

Shifting from Blue to #RedTeam? Consolidating private #offsec and #hardware notes.
Includes payloads, automation scripts, tools and references for 2024: https://github.com/Root-Down-Digital/pentesting-resources
Cool AV/EDR Bypass lab project https://xacone.github.io/BestEdrOfTheMarket.html #redteam #dfir
Looks like a fantastic #redteam training tool: an open source "EDR" that demonstrates common defensive techniques such as API Hooking, allowing both offense and defense to understand how these applications work (and don't).
https://xacone.github.io/BestEdrOfTheMarket.html
https://github.com/Xacone/BestEdrOfTheMarket
A couple of blog posts for learning about Linux process injection (specifically sshd injection for credential harvesting)
https://blog.xpnsec.com/linux-process-injection-aka-injecting-into-sshd-for-fun/
The purpose of a code of conduct isn't merely to prevent people from accidentally misstepping - it's to prevent malicious parties from corrupting the judicial process. To evaluate the code, we should #RedTeam it: imagine what harms a corrupt judge or a corrupting billionaire would be able to effect while staying within the bounds the code sets.
Seen in that light, the code is wildly defective and absolutely not fit for purpose.
12/
This article goes into some technical details of the new Mark of the Web bypass CVE-2023-36584
Deep dive into Brute Ratel payloads part II: https://cybergeeks.tech/a-deep-dive-into-brute-ratel-c4-payloads-part-2/ #redteam #offsec
Why did I wait so long to learn about and experiment with #bloodhound ?
Red teamers hurdle AI guardrails
Demonstrates 'importance of including scientists in AI quality and safety assessments'
https://www.computing.co.uk/news/4142535/red-teamers-hurdle-ai-guardrails
Really heavily considering getting more into #RedTeam stuff. Looking at the CEH 👀
Anyone recommend it/have opinions? Happy to hear anything
@anton_chuvakin This is exactly how I'm planning to expand our CTI Tactical team. Working at the silo problem is real. Especially between us and our DE team. There's some ongoing collaboration with red team on a quarterly basis but DE is the next step. To expand current reporting, I've been incorporating D3FEND and CAR to give at least some guidance and provide my own deeper knowledge of some techniques but that's obviously not a requirement of all analysts. The goal there is for reporting to indicate defensive coverage and outline any control gaps we may face.
Any recommendations as to what sufficient data should look like from us from say a process injection technique? But I guess I could also wait for the next blog post "assuming you get nice intelligence, how to break it into detections?" :)
#RedTeam #DetectionEngineering #ThreatIntel
With a fair wind behind us, we'll see an updated @mitreattack matrix later today.
#att&ck, #redteam, #blueteam, #threatintel
Anyone know where to get Rubber Duckys in the EU?
@whatshisface talks the future of ATT&CK for Linux as part of his yearly update at ATT&CKCon...
#att&ck, #redteam, #blueteam, #threatintel, #linux
What are the current best Win7 eternal-day? #redteam #offensivecyber
Notable that FiGHT 2.0 is out: https://fight.mitre.org. New techniques include attacks on O-RAN, 5G, and UE.
Any CS operators have pointers to Linux beacons? I’m getting ready for CRTO and was doing an HtB lab as prep—but initial compromise is a linux box! LOL. #RedTeam #InfoSec #CobaltStrike
Evading EDR Final edition is finally out! I got the book during early access and it was amazing. My first real dive into EDRs so some concepts were over my head but I plan to revisit it now that I’ve had more experience since then. #EDR #RedTeam #PurpleTeam
✨ The CVE-2023-44487 vulnerability was already reported in March 2022 with POC and got fixed in Rust Hyper crate (CVE-2023-26964)
My red teaming platform Molotov is finally feature complete! This thing has it all: a multi-user team server with a slick web UI built in React, all of the C2 features are scriptable via API, custom stagers and payloads for Windows, Linux, and Mac, a flagship agent with a bunch of tunable EDR-evasion and code injection techniques, synchronous and asynchronous C2 protocols, relaying and pivoting (say goodbye to proxychains!), a bunch of custom post-exploitation modules for things like cred dumping and privesc, and more.
Next up: testing, documentation, and eventually some demo vids!
Hey redteamers, in case you haven't been following the drama with Crackmapexec, well, you may want to bookmark this fork of the project, as Porchetta Industries is shutting down and the development future seems uncertain. This fork is from the active devs. https://github.com/Pennyw0rth/NetExec
#InfoSec #CyberSecurity #RedTeam
@hackinarticles
Evolution of Operations
#infosec #cybersecurity #pentesting #redteam #informationsecurity #CyberSec #networking #networksecurity #infosecurity #cyberattacks #security #linux #cybersecurityawareness #bugbounty #bugbountytips
Amazing blog post from TrustedSec about Okta for Red Teamers. Great work!
I am in the job market for a remote red team or offensive security engineer role. I am a seasoned full-stack software developer, an OSCP-certified pentester (currently working on CRTO), and system administrator with plenty of cloud experience.
Before my current role leading the IT & Cybersecurity team at NNAF, I did security research (including developing an improved reflective DLL injection technique [0] that helped inspire the widely used sRDI project [1][2] and has been cited by academics and other security researchers [3][4][5]) and performed pentesting and appsec for a variety of clients from global hedge funds to healthcare to aerospace engineering. Prior to that I did low-level embedded firmware development and experimental research for a wireless mesh networking platform.
For the last year I have been building an advanced, fully-featured red teaming/adversary simulation platform (which I am happy to demo for potential employers), including a web-based multi-user team server, scriptable API, a cross-platform flagship agent with novel evasion techniques, a variety of cross-platform payloads and stagers, relaying and pivoting, and an easily-extensible set of C2 protocols, both synchronized and asynchronous.
I am an excellent verbal and written communicator, comfortable translating highly technical topics for a variety of audiences from executives to engineers, and have consistently produced high quality reports for clients. I have experience programming in almost a dozen languages and am quick to learn new technologies.
Boosts appreciated!
[0] https://disman.tl/2015/01/30/an-improved-reflective-dll-injection-technique.html
[1] https://www.netspi.com/blog/technical/adversary-simulation/srdi-shellcode-reflective-dll-injection/
[2] https://github.com/monoxgas/sRDI
[3] https://www.oic-cert.org/en/journal/pdf/1/1/116.pdf
[4] https://euskalhack.org/securitycongress/PDF/Understanding_a_payload's_life.pdf
[5] https://posts.specterops.io/merlin-v0-7-0-release-roll-up-717739cde77a
#infosecjobs #redteam #redteaming #pentesting #fedihire #FediHired #jobs #jobhunting #JobSearch #malware #malwaredev #maldev #hireme
How to achieve persistence on Linux
This week in Linux red vs blue land:
https://github.com/timb-machine/linux-malware/compare/main@%7B7day%7D...main
Including:
* @reversinglabs reports a sighting of a new malware family called Spirit or Gwisin
* We independently found a copy of Spirit in GitHub as left overs from an unknown DFIR investigation and snarfed it for the repo
* We've added samples of Conti and Merlin (see https://infosec.exchange/@timb_machine/110957806917291066)
* We also have a MESSAGETAP sample to examine
* New XMRig sightings
* Reviewing last week's articles from Intel471 and BlackBerry's comparisons of Conti and Monti yields nothing Linux specific :(
* There are however some fresh insights from other quarters on the same topic
* @signalblur discusses Linux ransomware
* My colleagues at @TalosSecurity report that the North Koreans are using DeimosC2
* We've added references to a couple more tools and techniques
* We've spotted another piece of malware bind mounting /proc...
We spoke at the @reconvillage this year at @defcon
Here is our talk and research:
https://www.youtube.com/watch?v=_5yEfCdOCGQ
https://github.com/ResearchandDestroy/DorXNG
https://github.com/ResearchandDestroy/BDR
#OSINT #InfoSec #RedTeam
Hi Red Team buddies, I have a bit of a sad one I'm afraid.
A friend died around New Year's. She ran a business and her family are now getting in contact with me as the cyber person they know because they can't get into her computer.
I've had a look at it, but I can't get into it via normal means because the phone contract is cancelled (7 months ago) and the family have accidentally locked everyone out of the phone.
So at this point, I'm out of anything except reaching out to you all and hoping someone knows a Red Team person/company that may be able to get into a Macbook. It's getting quite important because all of the business info is on it. I don't do Apple stuff, and I don't have any sort of set up for this.
She was a great friend and is dearly missed and I'd love to be able to help take some pressure and stress away from her family.
Preferably UK based and happy to chat further if more info is needed.
That time of the week when I run update-repo.sh.
OooOk Fediverse,
what's the best way to follow #defcon from afar if you don't have a Twitter account. Who to follow on Fediverse. Is there great blogs? Perhaps livestreams on YouTube or twitch?
Please boost 🥳
#askfedi #askfediverse #askmastodon #infosec #opsec #itsec #redteam #blueteam
Introduction to Process Hollowing, including how to detect it: https://www.trustedsec.com/blog/the-nightmare-of-proc-hollows-exe/
Codi - an interactive scratchpad for hackers. Learn more on Hakin9!
https://hakin9.org/codi-vim-the-interactive-scratchpad-for-hackers/
#infosec #cybersecurity #redteam #pentest #pentesting #hacking #hackers #coding #opensource #Linux #windows
Tickets for #BSidesAugusta0xA OPEN TODAY AT NOON EST. BSidesAugusta.org/tickets (Get Tickets). #cyber #csra #AugustaGA #cybersecurity #InfoSec #blueteam #redteam #purpleteam
I work at #GitLab who is currently hiring for their #RedTeam. GitLab is #AllRemote so if you like working #remote you'll love this place.
If we actually know each other, let me know when you apply and I'll put in a good word for you. Qualifications and other details in the link.
Anyone in the #fediverse looking for a contract #redteam exercise? I'd love to hack your stuff (with permission) and promise to tell you how to fix it afterwards ;-)
This is my wallet sized covert entry EDC. All the bypass tools at the bottom fit in the back of the larger lock pick case. The smaller set in the top left is hidden in a second spot inside my wallet. I've been expanding capabilities over time as I've been learning about this profession and plan a few more additions from this point. Thanks for open sourcing your knowledge @deviantollam! #InfoSec #PhySec #RedTeam #CovertEntry
Need a quick way to check a hash against a huge database?
I've written a small but flexible Go CLI tool to query the HashMob API.
It's actually pretty damn handy if I do say so myself.
If you find it useful, stars and boosts are much appreciated ❤️
https://github.com/n0kovo/gohashmob
(just starting to learn Go, don't judge my probably horrible code 🥹)
#hacking #infosec #tools #osint #passwordcracking #passwords #passwordsecurity #hashcracking #hashlookup #hashmob #md5 #sha1 #bcrypt #pentesting #bugbounty #redteam
So no lie... being part of an internal red team and seeing the things that I could hack into last month being fixed this month and not being able to hack into it next month in the same way is awesome.
But you know what's even more awesome?!?! Having the Blue Team contact you on an intrusion alert, verifying that it was not you, and then running off to track down and stop the intruder...
...and realizing that the alert was developed because of your efforts demonstrating what those attacks look like during Purple Teams.
I never had this level of satisfaction and fulfillment during my 3rd Party PenTest consultant days.
The phrase "it gets worse" shows up way too often in these encounters.
A novice just used #ChatGPT to create terrifyingly sophisticated malware
https://www.androidauthority.com/chatgpt-malware-3310791/
A self-proclaimed novice says that he created zero-day malware using only ChatGPT. The data mining malware is nearly undetectable.
Moved Bloodhound Portable active directory tool to JAMBOREE !! Now you can pwn Android and your AD at the same time 🥳🤪🤣😇🙄
Java Android Magisk Burp Objection Root Emulator Easy (JAMBOREE)
https://github.com/freeload101/Java-Android-Magisk-Burp-Objection-Root-Emulator-Easy
You ever just dump the local SAMs on every single workstation and server in an entire environment and see the craziest accounts?
Like... what is this "backdoor" local admin account for?
And on these 20 systems over there, there's a lot of "h4x0r1337" local admin accounts with the same password on all of them....
Anyhow. I'm sure IT has their reasons.