Azure Attack Paths: Common Findings and Fixes (Part 1) Jun 19, 2022 10 min read azureredteamblueteamltr102 This post will walk through various services within the Azure catalogue and look at potential attack paths.
Understanding Cobalt Strike Profiles - Updated for Cobalt Strike 4.6 Apr 13, 2022 17 min read redteamblueteampurpleteam A deep dive into specifics around cobalt strike malleable c2 profiles and key information that is new in cobalt strike 4.6
Chasing the Silver Petit Potam to Domain Admin Feb 20, 2022 5 min read redteam Exploiting Petit Potam in a different way to force some downgrade and protocol attacks.
A Minor Update - No Blog Posts for a While! Jan 1, 2022 1 min read Readers of ZSEC and my Twitter feed, A quick message/explanation. I have published my last two blog posts for a while as I am working on my second book; LTR102 [https://leanpub.
2021 - Looking Back on a Great Year Dec 27, 2021 7 min read I have made it somewhat of a tradition to look back at the previous 12 months in a blog post on the last day of the year or last week of the year.