blog category
Research & Tradecraft
Research & Tradecraft
Part 5: Expanding the Operation Graph
By: Jared Atkinson
Aug 18, 2022 • 17 min read
Read Post
Research & Tradecraft
Part 3: Expanding the Function Call Graph
By: Jared Atkinson
Aug 9, 2022 • 15 min read
Read Post
Research & Tradecraft
Encrypting Strings at Compile Time
Thank you to SpecterOps for supporting this research and to Duane and Matt for proofreading and...
By: Evan McBroom
Jul 20, 2022 • 5 min read
Read Post
Research & Tradecraft
Part 1: Discovering API Function Usage through Source Code Review
By: Jared Atkinson
Jul 19, 2022 • 24 min read
Read Post
Research & Tradecraft
Dealing with Failure: Failure Escalation Policy in CLR Hosts
Offensive tooling built upon the .NET framework and its runtime environment, the Common Language Runtime (CLR), is...
By: Jack Ullrich
Jul 13, 2022 • 12 min read
Read Post
Research & Tradecraft
Years ago I was chatting with a few experienced red teamers and one was lamenting token...
By: Will Schroeder
Jul 7, 2022 • 14 min read
Read Post
Research & Tradecraft
Relaying NTLM Authentication from SCCM Clients
tl;dr: Seriously, please disable NTLM I recently learned that you can coerce NTLM authentication from SCCM servers...