A deep dive into specifics around cobalt strike malleable c2 profiles and key information that is new in cobalt strike 4.6
HoneyPoC was a project to look at how popular CVE PoCs could be. AutoPoC took that concept and enabled the mass creation of disinformation. Also, Data is beautiful.
One of the areas that I love when it comes to red/purple engagements is profiling organizations on LinkedIn and GitHub, looking for crucial information that can lead to more juicy enumeration.
Older techniques used in a sysadmin space, weaponised for red teaming and how to detect them from a blue team perspective.
Pass the X attacks originate from having a piece of information, in these examples this will be a hash, a set of credentials or a Kerberos ticket and then leveraging them for lateral movement throughout a network.