
Cobalt Strike 101 | Red Team Notes
Jan 10, 2019 · Browser Pivoting: This feature enables an attacker to ride on a compromised user's browsing sessions. The way this attack works is best explained with an example:
What is ired.team notes? | Red Team Notes
What is ired.team notes? These are notes about all things focusing on, but not limited to, red teaming and offensive security.
www.ired.team
Cobalt Strike 101: This lab is for exploring the advanced penetration testing / post-exploitation tool Cobalt Strike. Definitions: Listener - a service running on the attacker's C2 server that …
Lateral Movement with Psexec | Red Team Notes
May 20, 2019 · A very old and noisy lateral movement technique can be performed using psexec by SysInternals.
Enumerating Windows Domains with rpcclient through …
References: rpcclient (www.samba.org); impacket/examples at master · fortra/impacket (GitHub); https://www.cobaltstrike.com/help-socks-proxy-pivoting (www.cobaltstrike.com)
ShadowMove: Lateral Movement by Duplicating Existing Sockets
Hijacking connections without injections: a ShadowMoving approach to the art of pivoting | AdeptsOf0xCC Hijacking connections without injections: a ShadowMoving approach to the art …
Defense Evasion | Red Team Notes
AV Bypass with Metasploit Templates and Custom Binaries; Evading Windows Defender with 1 Byte Change; Bypassing Windows Defender: One TCP Socket Away From Meterpreter and …
Bypassing Cylance and other AVs/EDRs by Unhooking Windows APIs
EDR / AV Evasion: The way EDR vendors hook userland APIs is by hijacking/modifying function definitions (APIs) found in Windows DLLs such as kernel32/kernelbase and ntdll. Function …
www.ired.team
Enumerating Windows Domains with rpcclient through SocksProxy == Bypassing Command Line Logging: This lab shows how it is possible to bypass commandline argument ...
Windows NamedPipes 101 + Privilege Escalation | Red Team Notes
May 6, 2019 · A pipe is a block of shared memory that processes can use for communication and data exchange. Named Pipes is a Windows mechanism that enables two unrelated processes …