DIY Leaked Credential Search Engine - Part 1

Introduction This post will walk through the process we followed to build a search engine for leaked credentials from publicly disclosed breaches/database leaks using Django »

Atomic Red Team Windows Execution Engine

Atomic Red Team is an excellent collection of commands, activities, and other Indicators of Compromise (IoCs) developed and maintained by Red Canary that your blue team »

Public Trust with PEAP Networks

PEAP Basics With PEAP networks, authentication is performed via an MSChap handshake protected by a TLS tunnel. Since MSChap has been effectively broken (GHOST_URL /quick-tip-crack-ntlmv1-handshakes-with-crack-sh/ »

Out of The Box - Lateral Movements

With many defenders keenly focused on identifying malicious activity including lateral movement, we as attackers must adapt techniques beyond the vanilla offerings of our typical toolsets. »