Andy Gill - ZeroSec - Adventures In Information Security

Moody photo of railway arches with graffiti

Azure Attack Paths: Common Findings and Fixes (Part 1)

This post will walk through various services within the Azure catalogue and look at potential attack paths.

Understanding Cobalt Strike Profiles - Updated for Cobalt Strike 4.6

Apr 13, 2022 17 min read redteam blueteam purpleteam

A deep dive into specifics around cobalt strike malleable c2 profiles and key information that is new in cobalt strike 4.6

Chasing the Silver Petit Potam to Domain Admin

Feb 20, 2022 5 min read redteam

Exploiting Petit Potam in a different way to force some downgrade and protocol attacks.

A Minor Update - No Blog Posts for a While!

Jan 1, 2022 1 min read

Readers of ZSEC and my Twitter feed, A quick message/explanation. I have published my last two blog posts for a while as I am working on my second book; LTR102 [https://leanpub.

2021 - Looking Back on a Great Year

Dec 27, 2021 7 min read

I have made it somewhat of a tradition to look back at the previous 12 months in a blog post on the last day of the year or last week of the year.