Ghostwriter v4.3: SSO, JSON Fields, and Reporting with BloodHound

Ghostwriter v4.3: SSO, JSON Fields, and Reporting with BloodHound

Ghostwriter v4.3 is available now, and it enhances features introduced in previous versions of v4 in some exciting ways! In particular, this article will dive into how you can integrate a tool ...
The HTML, CSS and Javascript Trojan Horse — Smuggling Malware through Web Resources

The HTML, CSS and Javascript Trojan Horse — Smuggling Malware through Web Resources

The HTML, CSS and Javascript Trojan Horse — Smuggling Malware through Web Resources‘Last Mile Reassembly Attacks’ evade every Secure Web Gateway in the market and deliver known malware to the endpointAt DEF CON 32, SquareX ...
A Picture is Worth a Thousand Threats: Using Steganography to Deliver Malware Past Secure Web…

A Picture is Worth a Thousand Threats: Using Steganography to Deliver Malware Past Secure Web…

A Picture is Worth a Thousand Threats: Using Steganography to Deliver Malware Past Secure Web Gateways‘Last Mile Reassembly Attacks’ evade every Secure Web Gateway in the market and deliver known malware to the endpointAt ...
WebAssembly: The Fly on the Wall Delivering Malware Past Secure Web Gateways

WebAssembly: The Fly on the Wall Delivering Malware Past Secure Web Gateways

‘Last Mile Reassembly Attacks’ evade every Secure Web Gateway in the market and deliver known malware to the endpointAt DEF CON 32, SquareX presented groundbreaking research curating vulnerabilities in Secure Web Gateways (SWGs) ...
Misconfiguration Manager: Overlooked and Overprivileged- Duane Michael & Chris Thompson[SO-CON 2024]

Life at SpecterOps: The Red Team Dream

TL;DRWe are hiring consultants at various levels. The job posting can be found under the Consultant opening here: https://specterops.io/careers/#careersIntroductionHey there! I’m Duane Michael, a Managing Consultant and red teamer at SpecterOps. Over ...
Teach a Man to Phish

Teach a Man to Phish

PHISHING SCHOOLA Decade of Distilled Phishing WisdomI decided to give away all of my phishing secrets for free. I realized at some point that I have been giving away phishing secrets for years, ...
The War for Control of DNS Encryption | Paul Vixie | WWHF Deadwood 2020 Virtual

Sleeping With the Phishes

PHISHING SCHOOLHiding C2 With Stealthy Callback ChannelsWrite a custom command and control (C2) implant — Check ✅Test it on your system — Check ✅Test it in a lab against your client’s endpoint detection and response (EDR) product — Check ✅Convince a target ...
How Hackers Steal Your RFID Cards

How Hackers Steal Your RFID Cards

Radio Frequency Identification (RFID) cards are ubiquitously used to authenticate using a physical token. This technology is often embedded in […] ...
Relay Your Heart Away: An OPSEC-Conscious Approach to 445 Takeover

Relay Your Heart Away: An OPSEC-Conscious Approach to 445 Takeover

Even within organizations that have achieved a mature security posture, targeted NTLM relay attacks are still incredibly effective after all these years of abuse. Leveraging several of these NTLM relay primitives, specifically ...
DEF CON 30  - Nick Powers, Steven Flores  – ClickOnce AbUse for Trusted Code Execution

Deep Sea Phishing Pt. 2

PHISHING SCHOOLMaking Your Malware Look Legit to Bypasses EDRI wanted to write this blog about several good techniques for endpoint detection and response (EDR) evasion; however, as I was writing about how to ...