blog category
Research & Tradecraft
Research & Tradecraft
Streamlining Devcontainer Workflow: SSH Authentication and Key Signing with 1Password
By: Max Harley
Nov 11, 2023 • 4 min read
Read Post
Research & Tradecraft
Abusing Slack for Offensive Operations: Part 2
When I first started diving into offensive Slack access, one of the best public resources I...
By: Matt Creel
Nov 9, 2023 • 7 min read
Read Post
Research & Tradecraft
Lateral Movement without Lateral Movement (Brought to you by ConfigMgr)
Introduction Earlier this year, I submitted a pull request to SharpSCCM’s repository. SharpSCCM is a tool...
By: Diego lomellini
Nov 7, 2023 • 11 min read
Read Post
Research & Tradecraft
Token stealing is getting harder. Instead, stealing whole logged-in browser instances may be an easier and...
By: Forrest Kasler
Nov 7, 2023 • 9 min read
Read Post
Research & Tradecraft
Written by Nico Shyne & Josh Prager Introduction Part II In the first installment of “Domain of Thrones,”...
By: joshua prager
Nov 6, 2023 • 20 min read
Read Post
Research & Tradecraft
On Detection: Tactical to Functional
Part 10: Implicit Process Create Introduction Welcome back to another installment of the On Detection: Tactical to...
By: Jared Atkinson
Nov 1, 2023 • 22 min read
Read Post
Research & Tradecraft
Part 10: Implicit Process Create
By: Jared Atkinson
Nov 1, 2023 • 25 min read
Read Post
Research & Tradecraft
Lateral Movement: Abuse the Power of DCOM Excel Application
In this post, we will talk about an interesting lateral movement technique called ActivateMicrosoftApp() method within...
By: Raj Patel
Oct 30, 2023 • 10 min read
Read Post
Research & Tradecraft
CVE-2023–4632: Local Privilege Escalation in Lenovo System Updater
Version: Lenovo Updater Version <= 5.08.01.0009 Operating System Tested On: Windows 10 22H2 (x64) Vulnerability: Lenovo...