It’s been a while seen a recent post, and I would like to start blogging again in the Red Team category, I wanted to start this blog with a review on the CRTO course, an amazing and friendly course to jump onto Red Teaming knowledge. The Certified Red Team Operator course by ZeroPoint Security is … Continue reading CRTO Review
Turning ourselves into Ghosts “Hunting for a fileless threat can be a tedious and labor-intensive task for any analyst. It is, most often than not, extremely time-consuming and requires a significant amount of data gathering. On top of that, the traditional tools, methods, and defenses seem to be less effective when dealing with these almost … Continue reading Fileless Malware
In a current event I came across an environment where cracking hashes or tickets was not required, or basically impossible, so I started doing my research to keep track on what can we do, when we only have Hashes or Tickets in our possession some are limited to what can be done, but others are … Continue reading Playing with Hashes and Tickets
This is a path I would like to talk about since I was working on my own to get to where I finally am. A Jr Red Team Operator, now we all ask ourselves this question when we start, “Where do I start?”. Well, this used to be a difficult question to answer as even … Continue reading Starting in Red Team
We all love Exploitation and gaining access to a machine elevate our privileges and gain that SYSTEM, Administrator, Domain Admin Shell. It’s a rush that us as hackers love to see when we try to gain access to a box “Meterpreter Session 1 Opened”, Beacon, Grunt, etc. Oof hasn’t that been one of the most … Continue reading The Importance of Enumeration
Hi Everyone, I currently want to share a new and updated gitbook from my previous one Red Team Notes, I currently manage to categories the MITRE ATTACK Framework and mostly focused on Windows Attacks. (I wanted to add other’s but unfortunately it’s resources that I do not have). When I started the Red Team learning … Continue reading Red Team Notes 2.0
Error 404 So I know I have been quite inactive lately on my blog, but all in good reason, mostly practicing techniques, writing techniques, creating Demos, writing code in C++, C# and Python3. I have been quite on the move this very sedentary year with learning more Cybersecurity and more specially Red Team related stuff. … Continue reading 2020 (Error 404)
Today I will talk about persistence, the technique used by adversaries to maintain their foothold on your network. It mainly consists of techniques used by adversaries to keep access to systems across restarts, changed credentials, and other interruptions that could cut off their access. Many tools are great for these techniques and I will demonstrate … Continue reading Persistence Techniques
In today’s Episode of Red-Teaming we will talk about Privilege Escalation a valuable Technique when trying to gain higher privileges on a machine, we want to achieve this Goal because we want UNRESTRICTED access onto the machine we are targeting. In this part the APT is trying to gain higher privileges on the Machine There … Continue reading Privilege Escalation
In my previous post I talked about capturing hashes using a variety of different methods if you noticed these methods were utilizing LOLBAS also know as Living Off The Land Binaries and Scripts (and also Libraries) but what are these Executable that I utilized???. They are Windows Trusted Binaries that come installed into the System … Continue reading Execution
So today I just wanted to write a simple post on explaining the method of Capturing Hashes (NTLM, NTLMv2, Etc). Let’s say we have access to a Victim machine but we are trying to Escalate our privileges, Maintain persistence or Execute Commands, various things can be done from here but I won’t dive too deep … Continue reading Capturing Hashes
DMCXBLUE 