Ross (@pwndexter) 's Twitter Profile
Ross

@pwndexter

Security Engineer | Ex Red Team Lead now turned Blue Team | Author of SharpEDRChecker | Build, Hack, Break, Fix, Learn, Repeat | Every day is a school day!

ID: 364832049

Joined: 30-08-2011 12:26:05

258 Tweets

1.1K Followers

289 Following

LRQA Cyber Labs (@lrqa_cyber_labs) 's Twitter Profile Photo

Sign up for our online Advanced Threat Actor Simulation training course with Nettitude's Red Team featuring Ben Turner 🇬🇧 məˈklaʊd and BaffledJimmy October 12th-15th 2020 #RedTeam #Training #Eventbrite eventbrite.com/e/advanced-thr…
LRQA Cyber Labs (@lrqa_cyber_labs) 's Twitter Profile Photo

Here it is - PoshC2 v7.0. Better comms, payload generation, EDR detection, Docker support and MUCH more. Thanks to Ben Turner 🇬🇧 məˈklaʊd @m0rv4i & many others! labs.nettitude.com/blog/introduci…

Ross (@pwndexter) 's Twitter Profile Photo

New release of SharpEDRChecker, now with support for Covenant and other C2 frameworks along with support for older OS's and more EDRs. Thanks to BaffledJimmy & Simone for the contributions. github.com/PwnDexter/Shar…

chad (@duff22b) 's Twitter Profile Photo

We've noted our findings after a couple of years auditing #Windows #Defender Attack Surface Reduction events. Hopefully it will help anyone considering block mode. Being able to use the credential stealing/lsass rule was the surprise for me. medium.com/palantir/micro…

LRQA Cyber Labs (@lrqa_cyber_labs) 's Twitter Profile Photo

Limited options for lateral movement? Introducing FComm. Communicate via file servers with low detectability. Tool and blog by Scriptmonkey_ labs.nettitude.com/blog/introduci…

Ross (@pwndexter) 's Twitter Profile Photo

Had an absolute blast working with the incredible red team @Nettitude_Labs: epic learning, great friendships and many shells over the last two and a half years! But the time has come to cross the bridge from external to internal, so if anyone has any pro tips on the transition HMU!

Blue Team News (@blueteamsec1) 's Twitter Profile Photo

SharpEDRChecker - Checks Running Processes, Process Metadata, DLLs Loaded Into Your Current Process And Each DLL's Metadata, Common Install Directories, Installed Services And Each Service Binaries… dlvr.it/RsTwqz #C2Server #PoshC2 #Python #SharpEDRChecker

Will Butler (@willbtlr) 's Twitter Profile Photo

Check out my latest blog post! It's a story about an operation I led where we combined several web app vulnerabilities into a cool kill chain: btlr.dev/blog/gordian-l…

Ross (@pwndexter) 's Twitter Profile Photo

I wrote a quick blog post on SharpEDRChecker and its inner workings and why / how it differs from the norm to solve situational awareness shenanigans! redteaming.co.uk/2021/03/18/sha… cc Ben Turner 🇬🇧 məˈklaʊd #redteam #infosec

Jorge Orchilles (@jorgeorchilles) 's Twitter Profile Photo

Checking for EDR in #redteam engagements is fast becoming the whoami of pentesting. Although T1033 is the most used TTP (and will probably not change anytime soon), checking for EDR is the up and comer. Nice article by Ross on EDR Checker: redteaming.co.uk/2021/03/18/sha…

LRQA Cyber Labs (@lrqa_cyber_labs) 's Twitter Profile Photo

PoshC2 Teaser: Some C2 frameworks support macOS using Python. Coming soon, thanks to l0gan, #PoshC2 will support macOS natively through JavaScript for Automation (JXA)! Watch this space...
LRQA Cyber Labs (@lrqa_cyber_labs) 's Twitter Profile Photo

Introducing Native macOS Implants to PoshC2! PoshC2 can now be used in a macOS environment for all your Command & Control needs 🍎 by l0gan. labs.nettitude.com/blog/poshc2-in…

Thinkst Canary (@thinkstcanary) 's Twitter Profile Photo

Canarytokens force attackers to doubt anything they find on ur servers. Today, thanks to Dev Dua - we ask: What happens when an attacker finds a Kubeconfig file on ur server? A: They use it, and u get a reliable alert! Our new (free) Kubeconfig token: blog.thinkst.com/2021/11/a-kube…
Ross (@pwndexter) 's Twitter Profile Photo

Shout out to The Paddock Co for the video on my Lambo 😎 youtube.com/watch?v=JOyend… #Lamborghini #Huracán #Performante