blog category
Research & Tradecraft
Research & Tradecraft
Performance, Diagnostics, and WMI
Windows offers tons of useful tools that administrators can leverage to perform their daily jobs. A...
By: Steven Flores
Jul 11, 2023 • 10 min read
Read Post
Research & Tradecraft
Sowing Chaos and Reaping Rewards in Confluence and Jira
Introduction Let me paint a picture for you. You’re on a red team operation, operating from...
By: Craig Wright
Jun 28, 2023 • 11 min read
Read Post
Research & Tradecraft
Understanding Telemetry: Kernel Callbacks
Introduction I’ve published blogs around telemetry mechanisms like Event Tracing for Windows (ETW) in the Uncovering...
By: Jonathan Johnson
Jun 12, 2023 • 12 min read
Read Post
Research & Tradecraft
Less SmartScreen More Caffeine: (Ab)Using ClickOnce for Trusted Code Execution
The contents of this blogpost was written by Nick Powers (@zyn3rgy) and Steven Flores (@0xthirteen), and...
By: Nick Powers
Jun 7, 2023 • 19 min read
Read Post
Research & Tradecraft
On Detection: From Tactical to Functional
In his 1931 paper “A Non-Aristotelian System and Its Necessity for Rigour in Mathematics and Physics,”...
By: Jared Atkinson
Jun 1, 2023 • 15 min read
Read Post
Research & Tradecraft
Beyond Procedures: Digging into the Function Call Stack
Within the cybersecurity industry, many of us have a natural inclination towards digging into technical concepts...
By: Nathan Davis
May 24, 2023 • 20 min read
Read Post
Research & Tradecraft
There’s a new, practical way to escalate from Domain Admin to Enterprise Admin. ESC5 You’ve heard...
By: Andy Robbins
May 16, 2023 • 9 min read
Read Post
Research & Tradecraft
C2 and the Docker Dance: Mythic 3.0’s Marvelous Microservice Moves
— Title by ChatGPT for introducing Mythic 3.0 What is Mythic? Mythic is a plug-n-play command and control...