I’m excited to finally release a short book that’s about building C2 implants in C++. I hope it can serve as an educational resource for those in Red Teams who want to get started writing their own implants and related C2 components.
You can read it here: shogunlab.gitbook.io/buildin…
If anyone has feedback or would like to suggest improvements, feel free to message me directly on Twitter or submit a pull request! The source code for the book is open source and available here: github.com/shogunlab/buildin…
Nice intro for people that want to get started with researching EDR sensors and identify ways to evade detection. Some great sample code and scripts provided too!
Want to see what EDR sensors see when you practice attacks and develop bypasses, without tipping off defenders?
I'm starting a new series on reversing and evading EDRs, with a paper on how to divert telemetry to private infrastructure. Check it out!
jackson-t.ca/edr-reversing-e…
Goes without saying at this point but, Red Team Operations by @SpecterOps is a phenomenal course. Completed their NorthSec training today and the instructors were helpful throughout. Fun lab environment that rewards good OPSEC and the blue team perspective was not neglected. 👍
So the Dark Side Ops: Malware Dev class by @SilentBreakSec was amazing. Lots of useful design choices/techniques/code snippets to bring back to our custom tooling. Definitely recommend it.
Just posted my article called "Code Signing on a Budget" which shows how easy it is to find/abuse legitimate code signing certificates. Using this, I found a valid code signing certificate belonging to a leading tech company and disclosed it to them. jackson-t.ca/certificate-the…