Windows has a rich security model that is worth understanding to operate
effectively on a red team or pentest.
There are many great resources that discuss this topic. We will reference them
and attempt to distill the foundational concepts and the operational points you
should know. Specifically, we will focus…
During a whitebox code review, having graphical representations of the layout of
the code base can be highly beneficial, as the tester has limited time to learn
and analyze the structure of the project.
The .NET Compiler Platform SDK
[https://docs.microsoft.com/en-us/dotnet/csharp/roslyn-sdk/], or…
During an engagement, having an email list for your target can be useful for a
variety of reasons. When it comes to social engineering
[https://tevora-threat.ghost.io/tag/social-engineering/] and password spraying, more email
addresses translate to higher chances of success. While some clients will
provide an…
Any red team looking to improve is constantly adapting, changing their tactics
and implementing new techniques & procedures. To many professionals in the
industry, this is known as Tradecraft – a term that resonates with me.
Previously, I had written about various tools that are used by the Tevora Threat
Team…
This post will walk through the process of automatically decrypting a LUKS
encrypted drive on boot using a chain of trust implemented via Secure Boot and
TPM 2.
Warning: This post does not discuss initramfs configuration. Configuration of
the initramfs is distribution specific. Effort needs to be taken to ensure…