Azure Attack Paths: Common Findings and Fixes (Part 1)
This post will walk through various services within the Azure catalogue and look at potential attack paths.
redteam
Understanding Cobalt Strike Profiles - Updated for Cobalt Strike 4.6
A deep dive into specifics around cobalt strike malleable c2 profiles and key information that is new in cobalt strike 4.6
Chasing the Silver Petit Potam to Domain Admin
Exploiting Petit Potam in a different way to force some downgrade and protocol attacks.
Tunnelling For Offensive Security
One thing that comes up a lot when it comes to red teaming, penetration testing and breaching a network is being able to proxy traffic into multiple environments.
AutoPoC - Validating the Lack of Validation in PoCs
HoneyPoC was a project to look at how popular CVE PoCs could be. AutoPoC took that concept and enabled the mass creation of disinformation. Also, Data is beautiful.