blog category
Research & Tradecraft
Research & Tradecraft
Merlin 💖 JavaScript — All up in Your Browsers
By: Russel Van Tuyl
Jan 18, 2018 • 7 min read
Read Post
Research & Tradecraft
HostEnum: Updates and Usage Guide
HostEnum (formerly Invoke-HostEnum) has received some much needed attention in recent weeks and a new version is...
By: Andrew Chiles
Jan 10, 2018 • 4 min read
Read Post
Research & Tradecraft
Introducing Merlin — A cross-platform post-exploitation HTTP/2 Command & Control Tool
By: Russel Van Tuyl
Dec 18, 2017 • 8 min read
Read Post
Research & Tradecraft
Designing Effective Covert Red Team Attack Infrastructure
By: Jeff Dimmock
Dec 4, 2017 • 20 min read
Read Post
Research & Tradecraft
The PowerView PowerUsage Series #4
By: Will Schroeder
Nov 20, 2017 • 4 min read
Read Post
Research & Tradecraft
Lateral Movement Using Outlook’s CreateObject Method and DotNetToJScript
By: Matt Nelson
Nov 16, 2017 • 4 min read
Read Post
Research & Tradecraft
A Look at CVE-2017–8715: Bypassing CVE-2017–0218 using PowerShell Module Manifests
By: Matt Nelson
Nov 6, 2017 • 6 min read
Read Post
Research & Tradecraft
A Guide to Attacking Domain Trusts
By: Will Schroeder
Oct 30, 2017 • 46 min read
Read Post
Research & Tradecraft
Part 9 of Advanced Threat Tactics covers a lot of my thoughts on evasion. The ideas in that...