blog category
Research & Tradecraft
Research & Tradecraft
One Site to Rule Them All tl;dr: There is no security boundary between sites in the same...
By: Chris Thompson
Sep 25, 2023 • 13 min read
Read Post
Research & Tradecraft
Ghostwriter v4: 2FA, RBAC, and Logging, Oh My!
Ghostwriter v4 is officially here! Technically, it’s been available as a release candidate for a while,...
By: Christopher Maddalena
Sep 20, 2023 • 7 min read
Read Post
Research & Tradecraft
Reactive Progress and Tradecraft Innovation
Detection as Prediction The overarching goal of a security operations program is to prevent or mitigate...
By: Michael Barclay
Sep 19, 2023 • 22 min read
Read Post
Research & Tradecraft
Shadow Wizard Registry Gang: Structured Registry Querying
Why Do We Need New Tooling for Registry Collection? The Windows registry, an intricate database storing...
By: Max Harley
Sep 5, 2023 • 10 min read
Read Post
Research & Tradecraft
Crypto Census: Automating Cryptomining Domain Indicator Detections
By: Alexander Sou
Aug 29, 2023 • 14 min read
Read Post
Research & Tradecraft
Site Takeover via SCCM’s AdminService API
tl:dr: The SCCM AdminService API is vulnerable to NTLM relaying and can be abused for SCCM...
By: Garrett Foster
Aug 10, 2023 • 9 min read
Read Post
Research & Tradecraft
In the first post in this series, On (Structured) Data, we talked about the gap area...
By: Will Schroeder
Aug 9, 2023 • 22 min read
Read Post
Research & Tradecraft
Challenges In Post-Exploitation Workflows
In our previous post, we talked about the problem of structured data in the post-exploitation community....
By: Will Schroeder
Aug 2, 2023 • 16 min read
Read Post
Research & Tradecraft
Introduction The offensive security industry is a curious one. On the one hand, we are ahead...