Becoming a Red Teamer
I receive the questions “I want to become a red teamer” or “How do I get started in pentesting / red teaming?” pretty often. Instead of repeating myself, I’ll write down my recommended path to take if I had to do it all over again. Here we go.
Process Injection via custom Beacon Object Files Part 2
Back in April 2021, I did an internship at NVISO. I was part of one of their Red Teams and tasked with developing custom Beacon Object Files for the Cobalt Strike framework. The end goal is to perform process injection using direct syscalls and execute shellcode, which should bypass EDR/AV solutions.
Process Injection via custom Beacon Object Files Part 1
Back in April 2021, I did an internship at NVISO. I was part of one of their Red Teams and tasked with developing custom Beacon Object Files for the Cobalt Strike framework. The end goal is to perform process injection using direct syscalls and execute shellcode, which should bypass EDR/AV solutions.
Domain Borrowing
In this post I will go over the basics of Domain Borrowing and how DomainBorrowingC2 was built. DomainBorrowingC2 was made as part of an internship at NVISO Security’s Red Team. Follow their work on their blog and Twitter.
Malware Packers
Today I’m taking a look at different packers used to pack malware, how to identify them and how to unpack them.
Basic Assembly
THIS POST IS A WORK IN PROGRESS
In this post I’ll go over writing a basic Hello World program in C, using MinGW to compile, assemble and link it. I’ll be looking at the assembly, writing my own Hello World in NASM and using nasm and ld to assemble and link it.
Phishing with Gophish
Gophish is an open-source phishing framework which focuses on: automating email distribution using groups, generating emails from templates, importing and hosting landing pages, and combining all the different aspects of a phishing operation into a single campaign with live statistics.