BaffledJimmy (@baffledjimmy)'s Twitter Profile

ID: 931892172944748544

18-11-2017 14:29:42

410 Tweet

448 Followers

226 Following

Justin Elze (@hackinglz):

Since everyone is firing up the marketing machines it’s time to break out a classic. You’re going to want the checkpoint firewall this time around.

Charlie Bromberg « Shutdown » (@_nwodtuhs):

In case you missed it, here are two diagram and table to help understand and abuse NTLM relay attacks 😃 (I could use some help to finish them and do some foolproofing, but they're already helpful as is imo)

Justin Elze (@hackinglz):

Two of the most seemingly obvious things have made the biggest improvements on how we red team here. Standardizing sharing of notes/techniques/etc in Obsidian and having consultants debrief the entire red and research teams after every engagement is complete.

dru1d (@_dru1d):

@rkornmeyerX Justin Elze I know it’s been a meme for a while, but my experience with EDR and other technical tooling is that they are essentially Cobalt Strike detectors. They’re focused so heavily on developing detections on certain product IOCs and not the actual TTPs being leveraged.

Justin Elze (@hackinglz):

Once again everyone doesn't need red teaming. Most of the complaints on here around the topic are people using red teaming in some capacity where they would benefit from other activities instead. That doesn't mean red teaming needs to be changed or modified.

LRQA Cyber Labs (@lrqa_cyber_labs):

Introducing ETWHash! ETWHash is a new method and tool by Lefteris Panos for consuming SMB events from Event Tracing for Windows (ETW) and extracting NetNTLMv2 hashes for cracking offline. labs.nettitude.com/blog/etwhash-h…

Sanjiv Kawa (@sanjivkawa):

I’ve just publicly released SQLRecon v3.3. This release includes many features that were used privately by the X-Force Red Adversary Services team on real-world red team operations. Please share, enjoy, and use responsibly. Hmu if you have any questions! github.com/xforcered/SQLR…

James D (@frantictyping):

Scaling detection and response operations at Coinbase part 2 & 3: 🔍 Driving context into detection logic with machine and user profiles 🔧 Codifying automatic remediation for high-risk detections 📫 Automating alert triage with employees via Slackbot coinbase.com/blog/scaling-d…

wallfacer (@simplylurking2):

I'm going to release a realistic red teaming course where we just read Confluence, wikis, shares, and git repos all day and write reports for several hours at the end.

Josh (@passthehashbrwn):

A bunch of nerds: Your code needs to be memory safe to move the industry forward

Every CVE in 2024: if you add a funny character to this URL parameter you can execute commands as root

BaffledJimmy (@baffledjimmy):

Wrote up some notes on Puppet 101 and abusing Puppet across Linux / Windows. Comes with a Lab / Repo / POCs. tommacdonald.co.uk/abusing-puppet…

BaffledJimmy (@baffledjimmy):

Wrote some bumph on why cyber/red teaming needs to get better at learning from outside cyber. tommacdonald.co.uk/what-can-red-t…

BaffledJimmy (@baffledjimmy):

Can we have better implant comms please? Some ideas for different options and design ideas. tommacdonald.co.uk/ideas-for-mesh… Woo Claude etc.