In our first blog post on this series, here, we discussed the limitations of existing voice changing tools and how AI is changing the face of social engineering attacks. In this post, we detail how to set up of Respeecher and integrate it with Google Voice to achieve seamless real-time…
Every day, blog posts and news articles warn us about the danger of artificial intelligence (AI) and how the technology behind it can be used by criminals to perform sophisticated attacks. Our clients often ask, “Should we be worried?” Emerging technology such as ChatGPT and other generative AI systems give…
By Andrew Peng This post serves as introduction to payload development, following up on concepts in basic C# payload development such as the usage of Windows APIs, platform invocation (P/Invoke), and how basic Windows APIs tie together to perform shellcode execution. There are many approaches to payload/stager development,…
This blog provides a tutorial on executing a full attack chain from both Linux and Windows machines of Will Schroeders AD Certificate Services research ( https://posts.specterops.io/certified-pre-owned-d95910965cd2) using Petit Potam POC created by Gilles Lionel (https://github.com/topotam/PetitPotam) to initiate a NTLM relay with the vulnerable…
Social engineering campaigns continue to be one of the primary methods that adversaries use to gain an initial foothold in an organization. Red teams and Advanced Persistent Threat (APT) groups often times use phishing techniques and pretexted phone calls to coerce users to either disclose sensitive information or execute malicious…