blog category
Research & Tradecraft
Research & Tradecraft
Updates to Ghostwriter: UI and Operation Logs
By: Daniel Heinsen
Sep 30, 2020 • 7 min read
Read Post
Research & Tradecraft
Detections of Past, Present, and Future
By: Robby Winchester
Sep 16, 2020 • 7 min read
Read Post
Research & Tradecraft
Malware Development Pt. 1: Dynamic Module Loading in Go
Introduction As a blend between offensive security engineer and developer, I find myself frustrated in attempting...
By: Dwight Hohnstein
Aug 31, 2020 • 17 min read
Read Post
Research & Tradecraft
Death from Above: Lateral Movement from Azure to On-Prem AD
Intro I’ve been looking into Azure attack primitives over the past couple of months to gain...
By: Andy Robbins
Aug 17, 2020 • 13 min read
Read Post
Research & Tradecraft
A Change of Mythic Proportions
By: Cody Thomas
Aug 13, 2020 • 7 min read
Read Post
Research & Tradecraft
Persistent AWS access with role chain juggling
By: Daniel Heinsen
Jul 16, 2020 • 7 min read
Read Post
Research & Tradecraft
Requesting Azure AD Request Tokens on Azure-AD-joined Machines for Browser SSO
RequestAADRefreshToken is a tool that returns OAuth 2.0 refresh tokens for an Azure-AD-authenticated Windows user (i.e. the machine is joined to...
By: BloodHound Team
Jul 14, 2020 • 8 min read
Read Post
Research & Tradecraft
Automating DLL Hijack Discovery
Introduction This blogpost will describe the concept of dynamic-link library (DLL) search order hijacking and how...