Skip to main content
Advanced Search
Search Terms
Content Type

Exact Matches
Tag Searches
Date Options
Updated after
Updated before
Created after
Created before

Search Results

41 total results found

Red Team

Articles

Malware

Threat Intelligence

Notes and Insights

Targeted and Efficien Phishing: Alteryx Workflow

Red Team

Background Recently, my friend who works in the accounting industry has been working hard to learn how to use a tool called Alteryx. She occasionally shares her learning experience with me, even though I do not have any knowledge of the accounting industry. T...

Use Searching Engines to Hunt For Threat Actors

Threat Intelligence

Background Hi folks, today, I’d like to discuss how to leverage search engines to identify vulnerable servers used by threat actors. These actors often employ multiple servers for various purposes, such as phishing infrastructure, command and control (C2) inf...

Bypass AMSI On Windows 11

Red Team

Motivation In this article, I want to break down AMSI (Anti-Malware Scan Interface) and its bypass technique on Windows 11. AMSI bypass is not a new topic, and compared with bypassing EDR, AMSI bypass is much easier, but I found that one bypass approach taugh...

MutationGate

Malware

Background Motivation Considering inline hook is a major detection utilized by EDR products, bypassing them is an interesting topic to me. Regarding bypassing inline hook placed by EDR, there are already quite a few approaches available. Although some of t...

CVE Collection

New Page

Threat Intelligence

[Backup] How Did I Take Over CobaltStrike Servers

Threat Intelligence

Hi folks, today I would like to share how I take over some Cobalt Strike TeamServerswith Quake and Password Spray Attack. From the perspective of a threat hunter, it isgood to track C2 servers on the Internet. From the perspective of a hacker, it is good tocom...

ReflectiveLoading And InflativeLoading

Malware

CobaltStrike's Beacon is essentially a DLL. The raw format payload is a patched DLL file. Through ingenious patching, the Beacon can achieve position independence similar to shellcode. We generate and compare payloads in both DLL and RAW formats: The Beacon i...

OSINT

EDRPrison: Borrow a Legitimate Driver to Mute EDR Agent

Malware

Hey friends, today I will share a technique that can be used to evade EDR products. I hesitate to call it a "new" technique, as I drew inspiration from existing projects and techniques. It is not a typical evasion method like sleep obfuscation, stack obfuscati...

CKAN Authenticated SSRF <= 2.9.11/2.10.4

CVE Collection

Vulnerability Information Product: Ckan Vendor: https://github.com/ckan  Affected Version(s): <= 2.9.11/2.10.4 CVE ID: TBD Description: SSRF vulnerability in resource proxy functionality in Ckan <=2.9.11/2.10.4, allowing authenticated attackers to scan ...

Reuniting with a Childhood Friend Lost for 8 Years Using OSINT

OSINT

OSINT, or Open Source Intelligence, is a crucial skill in the field of cybersecurity. It is widely used not only in cybersecurity but also in the intelligence community. For cybersecurity professionals, whether involved in red teaming, blue teaming, or threa...

用OSINT技术找回失联8年的童年伙伴

OSINT

OSINT,即开源情报,是网络安全领域中一项重要的技能。不仅是网络安全,情报界也广泛使用。对于网络安全人员,无论从事红队,还是蓝队,还是威胁狩猎/情报等,OSINT 都能发挥不同的作用。对于红队来说,OSINT 可以帮助操作员们在不与目标积极交互(漏洞扫描,目录爆破,社会工程学尝试等)的情况下了解目标的攻击面,掌握暴露的脆弱资产。对于蓝队以及威胁狩猎等更加偏向于主动与被动防御的角色来说,OSINT 可以帮助工程师们识别攻击者的技术栈,个人信息,基础设施,背后势力等。 作为一名红队操作员,在日常工作里,我主要利...