Yes, Red Team is sexy, I’m a Red Teamer and it’s the Hype!!. Who doesn’t like the rush of being a bad guy and hacking into a Network Infrastructure while trying to be as OPSEC on a Network. I’ve known a few Offensive Researchers that have some sort of a Blue Team background, they all … Continue reading Playing Blue
It’s been a while seen a recent post, and I would like to start blogging again in the Red Team category, I wanted to start this blog with a review on the CRTO course, an amazing and friendly course to jump onto Red Teaming knowledge. The Certified Red Team Operator course by ZeroPoint Security is … Continue reading CRTO Review
Turning ourselves into Ghosts “Hunting for a fileless threat can be a tedious and labor-intensive task for any analyst. It is, most often than not, extremely time-consuming and requires a significant amount of data gathering. On top of that, the traditional tools, methods, and defenses seem to be less effective when dealing with these almost … Continue reading Fileless Malware
In a current event I came across an environment where cracking hashes or tickets was not required, or basically impossible, so I started doing my research to keep track on what can we do, when we only have Hashes or Tickets in our possession some are limited to what can be done, but others are … Continue reading Playing with Hashes and Tickets
This is a path I would like to talk about since I was working on my own to get to where I finally am. A Jr Red Team Operator, now we all ask ourselves this question when we start, “Where do I start?”. Well, this used to be a difficult question to answer as even … Continue reading Starting in Red Team
We all love Exploitation and gaining access to a machine elevate our privileges and gain that SYSTEM, Administrator, Domain Admin Shell. It’s a rush that us as hackers love to see when we try to gain access to a box “Meterpreter Session 1 Opened”, Beacon, Grunt, etc. Oof hasn’t that been one of the most … Continue reading The Importance of Enumeration
We all know the glorious Impacket tools, very well known in the Cybersecurity Community and hackers among us. Today I will take a look at the Impacket tools. I was recently surprised by how these tools get detected and why are they found while Threat Hunting, I also wanted to understand on why it was … Continue reading A Dive on SMBEXEC
Hi Everyone, I currently want to share a new and updated gitbook from my previous one Red Team Notes, I currently manage to categories the MITRE ATTACK Framework and mostly focused on Windows Attacks. (I wanted to add other’s but unfortunately it’s resources that I do not have). When I started the Red Team learning … Continue reading Red Team Notes 2.0
OK, let’s talk about AV Evasion, the first thing I should mention is “How do AV’s work?”. Let’s understand how AV’s flag,our malware in a very simple way there are 3 methods,but I will only be talking about 2. And these are very simple to understand. Signature Based: Easy right? A signature is created for … Continue reading Av Evasion (Revisited)
Error 404 So I know I have been quite inactive lately on my blog, but all in good reason, mostly practicing techniques, writing techniques, creating Demos, writing code in C++, C# and Python3. I have been quite on the move this very sedentary year with learning more Cybersecurity and more specially Red Team related stuff. … Continue reading 2020 (Error 404)
Today I will talk about persistence, the technique used by adversaries to maintain their foothold on your network. It mainly consists of techniques used by adversaries to keep access to systems across restarts, changed credentials, and other interruptions that could cut off their access. Many tools are great for these techniques and I will demonstrate … Continue reading Persistence Techniques
In today’s Episode of Red-Teaming we will talk about Privilege Escalation a valuable Technique when trying to gain higher privileges on a machine, we want to achieve this Goal because we want UNRESTRICTED access onto the machine we are targeting. In this part the APT is trying to gain higher privileges on the Machine There … Continue reading Privilege Escalation
DMCXBLUE 