blueteam - ZeroSec - Adventures In Information Security

Understanding Cobalt Strike Profiles - Updated for Cobalt Strike 4.6

A deep dive into specifics around cobalt strike malleable c2 profiles and key information that is new in cobalt strike 4.6

AutoPoC - Validating the Lack of Validation in PoCs

Nov 13, 2021 25 min read honeypoc redteam blueteam bigdata purpleteam Research

HoneyPoC was a project to look at how popular CVE PoCs could be. AutoPoC took that concept and enabled the mass creation of disinformation. Also, Data is beautiful.

ADExplorer Exporting Quick Tip

Sep 10, 2021 1 min read redteam blueteam

Working with ADExplorer as a Red Teamer is really useful for seeing the whole domain in a single snapshot that can be looked at offline. There is minimal tooling out there for parsing

Locking Down SSH - The Right Way

May 22, 2021 16 min read blueteam Research basics

A little guide for locking down a VPS or similar to ensure your SSH connection is as secure as can be.

Social Profiling - OSINT for Red/Blue

May 22, 2021 6 min read redteam purpleteam blueteam osint

One of the areas that I love when it comes to red/purple engagements is profiling organizations on LinkedIn and GitHub, looking for crucial information that can lead to more juicy enumeration.