blog category
Research & Tradecraft
Research & Tradecraft
Microsoft Breach — What Happened? What Should Azure Admins Do?
Microsoft Breach — What Happened? What Should Azure Admins Do? On January 25, 2024, Microsoft published a blog post...
By: Andy Robbins
Feb 2, 2024 • 11 min read
Read Post
Research & Tradecraft
Background If you’ve found yourself on a red team assessment without SharpHound (maybe due to OPSEC...
By: Matt Creel
Jan 30, 2024 • 13 min read
Read Post
Research & Tradecraft
ADCS Attack Paths in BloodHound — Part 1
ADCS Attack Paths in BloodHound — Part 1 Since Will Schroeder and Lee Christensen published the Certified Pre-Owned whitepaper,...
By: Jonas Bülow Knudsen
Jan 24, 2024 • 16 min read
Read Post
Research & Tradecraft
Calling Home, Get Your Callbacks Through RBI
Authored By: Lance B. Cain and Alexander DeMine Overview Remote Browser Isolation (RBI) is a security...
By: Lance B. Cain
Jan 17, 2024 • 22 min read
Read Post
Research & Tradecraft
Sleepy — Python Tooling for Sleep
Sleepy — Python Tooling for Sleep Thank you to SpecterOps for supporting this research and to Sarah, Cody, and...
By: Evan McBroom
Dec 14, 2023 • 7 min read
Read Post
Research & Tradecraft
Mythic v3.2 Highlights: Interactive Tasking, Push C2, and Dynamic File Browser
TL;DR; Mythic v3.2 has Push C2, Interactive Async Tasking, TypedArray parameters, new graphing libraries in the...
By: Cody Thomas
Nov 29, 2023 • 10 min read
Read Post
Research & Tradecraft
Merlin’s Evolution: Multi-Operator CLI and Peer-to-Peer Magic
Image Generated by https://hotpot.ai/art-generator Over the past year, I’ve been working on making significant updates to...
By: Russel Van Tuyl
Nov 15, 2023 • 9 min read
Read Post
Research & Tradecraft
On Detection: Tactical to Functional
Part 11: Functional Composition Introduction Welcome back to part 11 of the On Detection blog series....
By: Jared Atkinson
Nov 14, 2023 • 21 min read
Read Post
Research & Tradecraft
Part 11: Functional Composition