blueteam - ZeroSec - Adventures In Information Security

Moody photo of railway arches with graffiti

Azure Attack Paths: Common Findings and Fixes (Part 1)

This post will walk through various services within the Azure catalogue and look at potential attack paths.

Understanding Cobalt Strike Profiles - Updated for Cobalt Strike 4.6

Apr 13, 2022 17 min read redteam blueteam purpleteam

A deep dive into specifics around cobalt strike malleable c2 profiles and key information that is new in cobalt strike 4.6

AutoPoC - Validating the Lack of Validation in PoCs

Nov 13, 2021 25 min read honeypoc redteam blueteam bigdata purpleteam Research

HoneyPoC was a project to look at how popular CVE PoCs could be. AutoPoC took that concept and enabled the mass creation of disinformation. Also, Data is beautiful.

ADExplorer Exporting Quick Tip

Sep 10, 2021 1 min read redteam blueteam

Working with ADExplorer as a Red Teamer is really useful for seeing the whole domain in a single snapshot that can be looked at offline. There is minimal tooling out there for parsing

Locking Down SSH - The Right Way

May 22, 2021 16 min read blueteam Research basics

A little guide for locking down a VPS or similar to ensure your SSH connection is as secure as can be.