Articles
Living Off the Foreign Land - Part 1/3: Setup Linux VM for SOCKS routing
Living Off the Foreign Land (LOFL) allows attackers to use Windows' built-in powerful tooling (LOFLCABs) to attack remote systems. The first part in this 3-part article discusses how to set up the Linux VM to transparently tunnel traffic over SOCKS. This enables an Offensive Windows VM to natively use Kerberos to interact with systems in the target network.
Living Off the Foreign Land - Part 2/3: Configuring the Offensive Windows VM
Living Off the Foreign Land (LOFL) allows attackers to use Windows' built-in powerful tooling (LOFLCABs) to attack remote systems. The second part in this 3-part article discusses how to configure the Offensive Windows VM so it can use Kerberos authentication with the target network, and also how to obtain various types of credentials and then use them from the Offensive Windows VM.
Living Off the Foreign Land - Part 3/3: Using Windows as Offensive Platform
Living Off the Foreign Land (LOFL) allows attackers to use Windows' built-in powerful tooling (LOFLCABs) to attack remote systems. The last part in this 3-part article discusses the various LOFL Cmdlets and Binaries (CABs) that can be used to attack systems in the target network, and also provides pointers on how these attacks can be detected.
Digging for Secrets on Corporate Shares
Sometimes during red team engagements there is no obvious path to escalate and the only way to move forward is to perform an evaluation of the filesystem and network shares. This article discusses how to perform such an evaluation efficiently to find the needles in the haystack.
Dealing with large BloodHound datasets
Article discussing some of the challenges I faced importing large datasets into BloodHound, including some scripts to overcome these challenges. Additionally, some tricks are discussed on how to use Neo4j's Cypher language from PowerShell to get the right results quickly.