hacking the planet at ired.team buy me a vinyl at patreon.com/iredteam

Joined March 2009
A few notes on dumping lsass.exe while bypassing Cylance and Windows API unhooking with some C++ ired.team/offensive-security…
Adding a domain trust exploitation scenario to our hacklab, working from the guidance on @spotheplanet's iRed.team notes. This first part of two covers deploying the environment. The second will involve creating randomised targets. aidanmitchell.uk/orchestrati…
spotless retweeted
Heavily inspired by @spotheplanet's code, that is my implementation of the NTDLL refreshing technique for hook removal using Cobalt Strike's Beacon Object Files (BOFs): gitlab.com/riccardo.ancarani…
spotless retweeted
Another solid series, multiple deep dives on different process injection techniques: ired.team/offensive-security…
A very quick note on detecting hooked syscalls ired.team/offensive-security… Thanks to @matterpreter 👊
Quick weekend note on Windows API Hashing, a concept usually used by malware. ired.team/offensive-security…
Evening conspectus "Writing and Compiling Shellcode in C" ired.team/offensive-security… Big thanks to @hasherezade for her beautiful paper on the subject.
spotless retweeted
Today @_wald0, @CptJesus, and I are releasing #AzureHound, the cloud component to #BloodHound. To be able to work with them on my favorite tool was an absolute honor. Many long coding nights, several meetings, and tons of research have built up to now. specterops.io/so-con2020/eve…