Research & Tradecraft

Research & Tradecraft

Evadere Classifications

Introduction The term evasion is derived from the Latin word “evadere” which means — “To escape,...

By: Jonathan Johnson

Jun 1, 2021 • 11 min read

Research & Tradecraft

Saving Your Access

Screensavers for macOS Persistence Background After revisiting old internal discussions, an area of interest was the...

By: Leo Pitt

May 27, 2021 • 7 min read

Research & Tradecraft

Offensive Security Guide to SSH Tunnels and Proxies

By: Russel Van Tuyl

Apr 22, 2021 • 23 min read

Research & Tradecraft

Man in the Terminal

Summary By using path hijacking and modification on Unix-like machines, we can achieve pseudo-keylogging functionality by...

By: Dwight Hohnstein

Apr 5, 2021 • 7 min read

Research & Tradecraft

Hacking with Haskell

By: Max Harley

Jan 5, 2021 • 5 min read

Research & Tradecraft

Hands in the Cookie Jar: Dumping Cookies with Chromium’s Remote Debugger Port

Introduction EDIT 7/16/23: Chromium added protections against this technique. Additional details can be found here: https://slyd0g.medium.com/debugging-cookie-dumping-failures-with-chromiums-remote-debugger-8a4c4d19429f This...

By: Justin Bui

Dec 17, 2020 • 13 min read

Research & Tradecraft

Adventures in Dynamic Evasion

Most teams I have worked with rely heavily on anecdotal evidence when it comes to evasion....

By: Matt Hand

Dec 7, 2020 • 12 min read

Research & Tradecraft

Introducing BloodHound 4.0: The Azure Update

By: Andy Robbins

Nov 20, 2020 • 7 min read

Research & Tradecraft

Ghostwriter v2.0 Release

By: Christopher Maddalena

Nov 20, 2020 • 9 min read