purpleteam - ZeroSec - Adventures In Information Security

purpleteam

A collection of 8 posts

Understanding Cobalt Strike Profiles - Updated for Cobalt Strike 4.6

redteam Featured

Understanding Cobalt Strike Profiles - Updated for Cobalt Strike 4.6

A deep dive into specifics around cobalt strike malleable c2 profiles and key information that is new in cobalt strike 4.6

AutoPoC - Validating the Lack of Validation in PoCs

honeypoc Featured

AutoPoC - Validating the Lack of Validation in PoCs

HoneyPoC was a project to look at how popular CVE PoCs could be. AutoPoC took that concept and enabled the mass creation of disinformation. Also, Data is beautiful.

Social Profiling - OSINT for Red/Blue

Social Profiling - OSINT for Red/Blue

One of the areas that I love when it comes to red/purple engagements is profiling organizations on LinkedIn and GitHub, looking for crucial information that can lead to more juicy enumeration.

Old but Gold - Attack and Defend the Sys Admins

redteam Featured

Old but Gold - Attack and Defend the Sys Admins

Older techniques used in a sysadmin space, weaponised for red teaming and how to detect them from a blue team perspective.

Pass the Way to DA

Pass the Way to DA

Pass the X attacks originate from having a piece of information, in these examples this will be a hash, a set of credentials or a Kerberos ticket and then leveraging them for lateral movement throughout a network.

Learning The [Defence] Ropes 101 - Splunk Setup & Config

Learning The [Defence] Ropes 101 - Splunk Setup & Config

As an attacker I come across Splunk a lot but I've never deployed it. This blog post will deep dive into deploying it and querying the back end!

ZeroLogon(CVE-2020-1472) - Attacking & Defending

ZeroLogon(CVE-2020-1472) - Attacking & Defending

A handy walkthrough of CVE-2020-1472 from both a red and blue team perspective, how to detect, patch and hack ZeroLogon

WTF is Rainbow Teaming?

redteam Featured

WTF is Rainbow Teaming?

Alternative Title: 50 Shades of Teams Red Team, Blue Team, Purple Team, Black Team… Rainbow team? What are all of these things and what do they all mean? Is this a new case of a new found buzzword bingo or do they have a place and a purpose? The coloured