Shogun Lab conducts research to help organizations secure their systems and software. おもしろい です ね。

Joined March 2017
I’m excited to finally release a short book that’s about building C2 implants in C++. I hope it can serve as an educational resource for those in Red Teams who want to get started writing their own implants and related C2 components. You can read it here: shogunlab.gitbook.io/buildin…
15
352
880
Special thanks to @Jackson_T for reviewing/giving me feedback, @jalospinoso who wrote the implant the book is based on, and instructors who provided excellent training (@its_a_feature_, @matterpreter from @SpecterOps and @culturedphish, @monoxgas, @moo_hax from @SilentBreakSec)
1
3
15
Shogun Lab retweeted
Introducing SysWhispers2! It no longer relies on pre-computed syscall tables, and uses @modexpblog's address sorting implementation instead. Check out @ElephantSe4l's write-up for how the technique works. - github.com/jthuraisamy/SysWh… - crummie5.club/freshycalls
1
90
183
Shogun Lab retweeted
Anyone interested in C++ red team tool development should take a look at this beautiful work by @shogun_lab. Inspired by vimeo.com/384348826 and C++ Crash Course @nostarch #cpp #infosec
I’m excited to finally release a short book that’s about building C2 implants in C++. I hope it can serve as an educational resource for those in Red Teams who want to get started writing their own implants and related C2 components. You can read it here: shogunlab.gitbook.io/buildin…
Show this thread
1
25
59
If anyone has feedback or would like to suggest improvements, feel free to message me directly on Twitter or submit a pull request! The source code for the book is open source and available here: github.com/shogunlab/buildin…
2
8
17
Show this thread
Nice intro for people that want to get started with researching EDR sensors and identify ways to evade detection. Some great sample code and scripts provided too!
Want to see what EDR sensors see when you practice attacks and develop bypasses, without tipping off defenders? I'm starting a new series on reversing and evading EDRs, with a paper on how to divert telemetry to private infrastructure. Check it out! jackson-t.ca/edr-reversing-e…
Show this thread
0
0
4
Shogun Lab retweeted
Want to see what EDR sensors see when you practice attacks and develop bypasses, without tipping off defenders? I'm starting a new series on reversing and evading EDRs, with a paper on how to divert telemetry to private infrastructure. Check it out! jackson-t.ca/edr-reversing-e…
8
189
451
Show this thread
Goes without saying at this point but, Red Team Operations by @SpecterOps is a phenomenal course. Completed their NorthSec training today and the instructors were helpful throughout. Fun lab environment that rewards good OPSEC and the blue team perspective was not neglected. 👍
2
10
47
Shogun Lab retweeted
So the Dark Side Ops: Malware Dev class by @SilentBreakSec was amazing. Lots of useful design choices/techniques/code snippets to bring back to our custom tooling. Definitely recommend it.
1
3
19
Shogun Lab retweeted
Just posted my article called "Code Signing on a Budget" which shows how easy it is to find/abuse legitimate code signing certificates. Using this, I found a valid code signing certificate belonging to a leading tech company and disclosed it to them. jackson-t.ca/certificate-the…
3
109
222