When I’m on an engagement and I’m given a SOE and a domain account, I usually want to use a tool like PowerShell Empire to remotely…

Tool to make in memory man in the middle. Contribute to AMOSSYS/MemITM development by creating an account on GitHub.

Introduction extremely a splendid Invoke-Confusion is collections of modules Powershell inclusive some researches the modern between them .NET Reflection. Assembly, however, It contains aspects of …

For those who also face the Linux-to-Windows PowerShell struggle: I created a Docker image & blog post on how to use PowerShell remoting from a Linux client to a Windows target (post-exploitation, living off the land) https://t.co/x1zAEpVtOO

The following paper documents a possible PE file infection technique which covers a high level overview and the low level code of how both the infection and the resulting payload is executed. Please note that some of the following material may not be suited…

Introduction It has been more than a year since I published the concept of infecting an executable with shellcode here and recently I have been motivated to develop another PoC which follows the same path but at a more advanced level combining knowledge and…

A C# penetration testing tool to discover low-haning web fruit via web requests. - rvrsh3ll/SharpFruit

So, fuzzing FaceTime calls led to a kernel panic https://t.co/m5N9YdXkJb

Hello again. In my previous posts I detailed how to manually get SYSTEM shell from Local Administrators users. That’s interesting but very late game during a penetration assessment as it is presumed that you already owned the target machine.

In this post I wanted to look at a technique which is by no means new to .NET developers, but may prove useful to redteamers crafting their tools... exporting .NET static methods within a DLL... AKA using RunDLL32 to launch your .NET assembly.

Symantec uncovers tool used by Lazarus to carry out ATM attacks.

Expectations v/s Reality 👨‍💻

This article is about Post Exploitation using the WMIC (Windows Management Instrumentation Command Line). When an Attacker gains a meterpreter session on a Remote PC,

byt3bl33d3r, /dev/random > blog.py

Hello Everyone,