We need more #RedTeam thinking to contemplate the effects: https://sampathpanini.medium.com/genetic-privacy-6c4fbe0286ab
🚨 Last Chance Alert! 🚨
Today is the FINAL DAY to sign up for Advanced Threat Emulation: Red Teams! Don't miss this opportunity to elevate your cybersecurity skills. The class begins TOMORROW!
#cybersecurity #RedTeam #infosec
Intro to Linux red teaming basic techniques
Examining the mythical C2 framework Mythic. Part 1
Greetings everyone, this is the AP Security cybersecurity lab. In this article we continue our look at C2 frameworks. This time we will be studying a relatively new framework called Mythic. Enjoy the read!
The Elastic Container Project for Security Research - https://www.elastic.co/security-labs/the-elastic-container-project #redteam
Flying Under The Radar – An Introductory Guide To Bypassing Microsoft Defender For Identity Detections - https://www.whiteoaksecurity.com/blog/bypassing-microsoft-defender-for-identity-detections/ #redteam
This is a simple loader that uses indirect syscalls via the Tartarus' Gate method. This loader executes shellcode with a known WINAPI, CreateThreadPoolWait, but I have changed things a little bit and instead, I call the underlying
Stealth operations: The evolution of GitLab's Red Team: https://about.gitlab.com/blog/2023/11/20/stealth-operations-the-evolution-of-gitlabs-red-team/
Creating an OPSEC safe loader for Red Team Operations - https://labs.nettitude.com/blog/creating-an-opsec-safe-loader-for-red-team-operations/ #redteam
In #Next: researchers have developed a technique for extracting ChatGPT's training data
Mythic v3.2 Highlights: Interactive Tasking, Push C2, and Dynamic File Browser: https://posts.specterops.io/mythic-v3-2-highlights-interactive-tasking-push-c2-and-dynamic-file-browser-7035065e2b3d #redteam
How GitLab's Red Team automates C2 testing - https://about.gitlab.com/blog/2023/11/28/how-gitlabs-red-team-automates-c2-testing/ #redteam
Includes payloads, automation scripts, tools and references for 2024: https://github.com/Root-Down-Digital/pentesting-resources
Looks like a fantastic #redteam training tool: an open source "EDR" that demonstrates common defensive techniques such as API Hooking, allowing both offense and defense to understand how these applications work (and don't).
A couple of blog posts for learning about Linux process injection (specifically sshd injection for credential harvesting)
The purpose of a code of conduct isn't merely to prevent people from accidentally misstepping - it's to prevent malicious parties from corrupting the judicial process. To evaluate the code, we should #RedTeam it: imagine what harms a corrupt judge or a corrupting billionaire would be able to effect while staying within the bounds the code sets.
Seen in that light, the code is wildly defective and absolutely not fit for purpose.
Deep dive into Brute Ratel payloads part II: https://cybergeeks.tech/a-deep-dive-into-brute-ratel-c4-payloads-part-2/ #redteam #offsec
Red teamers hurdle AI guardrails
Demonstrates 'importance of including scientists in AI quality and safety assessments'
Really heavily considering getting more into #RedTeam stuff. Looking at the CEH 👀
Anyone recommend it/have opinions? Happy to hear anything
@anton_chuvakin This is exactly how I'm planning to expand our CTI Tactical team. Working at the silo problem is real. Especially between us and our DE team. There's some ongoing collaboration with red team on a quarterly basis but DE is the next step. To expand current reporting, I've been incorporating D3FEND and CAR to give at least some guidance and provide my own deeper knowledge of some techniques but that's obviously not a requirement of all analysts. The goal there is for reporting to indicate defensive coverage and outline any control gaps we may face.
Any recommendations as to what sufficient data should look like from us for, say, a process injection technique? But I guess I could also wait for the next blog post, "assuming you get nice intelligence, how to break it into detections?" :)
#RedTeam #DetectionEngineering #ThreatIntel
My red teaming platform Molotov is finally feature complete! This thing has it all: a multi-user team server with a slick web UI built in React, all of the C2 features are scriptable via API, custom stagers and payloads for Windows, Linux, and Mac, a flagship agent with a bunch of tunable EDR-evasion and code injection techniques, synchronous and asynchronous C2 protocols, relaying and pivoting (say goodbye to proxychains!), a bunch of custom post-exploitation modules for things like cred dumping and privesc, and more.
Next up: testing, documentation, and eventually some demo vids!
Hey redteamers, in case you haven't been following the drama with Crackmapexec, well, you may want to bookmark this fork of the project, as Porchetta Industries is shutting down and the development future seems uncertain. This fork is from the active devs. https://github.com/Pennyw0rth/NetExec
#InfoSec #CyberSecurity #RedTeam
Amazing blog post from TrustedSec about Okta for Red Teamers. Great work!
I am in the job market for a remote red team or offensive security engineer role. I am a seasoned full-stack software developer, an OSCP-certified pentester (currently working on CRTO), and a system administrator with plenty of cloud experience.
Before my current role leading the IT & Cybersecurity team at NNAF, I did security research (including developing an improved reflective DLL injection technique that helped inspire the widely used sRDI project and has been cited by academics and other security researchers) and performed pentesting and appsec for a variety of clients from global hedge funds to healthcare to aerospace engineering. Prior to that I did low-level embedded firmware development and experimental research for a wireless mesh networking platform.
For the last year I have been building an advanced, fully-featured red teaming/adversary simulation platform (which I am happy to demo for potential employers), including a web-based multi-user team server, scriptable API, a cross-platform flagship agent with novel evasion techniques, a variety of cross-platform payloads and stagers, relaying and pivoting, and an easily-extensible set of C2 protocols, both synchronized and asynchronous.
I am an excellent verbal and written communicator, comfortable translating highly technical topics for a variety of audiences from executives to engineers, and have consistently produced high quality reports for clients. I have experience programming in almost a dozen languages and am quick to learn new technologies.
This week in Linux red vs blue land:
* @reversinglabs reports a sighting of a new malware family called Spirit or Gwisin
* We independently found a copy of Spirit in GitHub as leftovers from an unknown DFIR investigation and snarfed it for the repo
* We've added samples of Conti and Merlin (see https://infosec.exchange/@timb_machine/110957806917291066)
* We also have a MESSAGETAP sample to examine
* New XMRig sightings
* Reviewing last week's articles from Intel471 and BlackBerry's comparisons of Conti and Monti yields nothing Linux specific :(
* There are however some fresh insights from other quarters on the same topic
* @signalblur discusses Linux ransomware
* My colleagues at @TalosSecurity report that the North Koreans are using DeimosC2
* We've added references to a couple more tools and techniques
* We've spotted another piece of malware bind mounting /proc...
Hi Red Team buddies, I have a bit of a sad one I'm afraid.
A friend died around New Year's. She ran a business and her family are now getting in contact with me as the cyber person they know because they can't get into her computer.
I've had a look at it, but I can't get into it via normal means because the phone contract is cancelled (7 months ago) and the family have accidentally locked everyone out of the phone.
So at this point, I'm out of anything except reaching out to you all and hoping someone knows a Red Team person/company that may be able to get into a Macbook. It's getting quite important because all of the business info is on it. I don't do Apple stuff, and I don't have any sort of set up for this.
She was a great friend and is dearly missed and I'd love to be able to help take some pressure and stress away from her family.
Preferably UK based and happy to chat further if more info is needed.
Introduction to Process Hollowing, including how to detect it: https://www.trustedsec.com/blog/the-nightmare-of-proc-hollows-exe/
If we actually know each other, let me know when you apply and I'll put in a good word for you. Qualifications and other details in the link.
This is my wallet sized covert entry EDC. All the bypass tools at the bottom fit in the back of the larger lock pick case. The smaller set in the top left is hidden in a second spot inside my wallet. I've been expanding capabilities over time as I've been learning about this profession and plan a few more additions from this point. Thanks for open sourcing your knowledge @deviantollam! #InfoSec #PhySec #RedTeam #CovertEntry
Need a quick way to check a hash against a huge database?
I've written a small but flexible Go CLI tool to query the HashMob API.
It's actually pretty damn handy if I do say so myself.
If you find it useful, stars and boosts are much appreciated ❤️
(just starting to learn Go, don't judge my probably horrible code)
So no lie... being part of an internal red team and seeing the things that I could hack into last month being fixed this month and not being able to hack into it next month in the same way is awesome.
But you know what's even more awesome?!?! Having the Blue Team contact you on an intrusion alert, verifying that it was not you, and then running off to track down and stop the intruder...
...and realizing that the alert was developed because of your efforts demonstrating what those attacks look like during Purple Teams.
I never had this level of satisfaction and fulfillment during my 3rd Party PenTest consultant days.
The phrase "it gets worse" shows up way too often in these encounters.
A novice just used #ChatGPT to create terrifyingly sophisticated malware
A self-proclaimed novice says that he created zero-day malware using only ChatGPT. The data mining malware is nearly undetectable.
Moved Bloodhound Portable active directory tool to JAMBOREE !! Now you can pwn Android and your AD at the same time 🥳🤪🤣😇🙄
Java Android Magisk Burp Objection Root Emulator Easy (JAMBOREE)
You ever just dump the local SAMs on every single workstation and server in an entire environment and see the craziest accounts?
Like... what is this "backdoor" local admin account for?
And on these 20 systems over there, there's a lot of "h4x0r1337" local admin accounts with the same password on all of them....
Anyhow. I'm sure IT has their reasons.