If you're interested - please do check out my blog. Mainly focused on OSCP/CRTP now (CRTE soon™), but who knows what the future will bring! Suggestions are of course very welcome too :)
cas.vancooten.com
Operating from a restricted environment without outbound connectivity? Venom allows for port reuse and even works on Windows (to my surprise). Now you can set up a SOCKS proxy without disturbing the original service!
Check it out 👉github.com/Dliv3/Venom
I realize that I never got to a follow-up of this post for CRTE. Frankly I'm not sure if it warrants a separate post, since CRTE covers mostly the same topics and contains little extra material. It's a cool challenge lab though, and the exam is rewarding.
casvancooten.com/posts/2020/…
2 more weeks until we resume our monthly Meetups! 1st up is @jdmoore0883 who will walk us through LABORATORY! If the rumours are true, this "easy" Linux box ain't that easy! Save your spot and join us for a sweet challenge: meetup.com/Hack-The-Box-Meet…
Just finished a long project I was working on.
It's a self-developed remote access tool.
Shoutout to: @chvancooten, @ShitSecure for helping me with the last piece of the puzzle.
And: @byt3bl33d3r with his amazing OffensiveNim repo.
github.com/byt3bl33d3r/Offen…
#Nim is picking up steam within OffSec. It has various advantages like its interface with, and compilation to, native C(++). One more (quickly overlooked) advantage is compile-time macros like those used in the strenc lib. It's never been easier to obfuscate static strings!
The 'nim-strenc' library can be found at the link below. The macro responsible for automatically XOR'ing all static strings in the binary is under 30 lines of code itself :)
github.com/Yardanico/nim-str…
Just wrote a quick update for the latest "Playing with OffensiveNim" blog post which contains some words about detection as well as Encoding/Encryption for .NET assemblies:
s3cur3th1ssh1t.github.io/Pla…