blog category

Research & Tradecraft

image for Mythic 3.3 Beta: Rise of the Events

Research & Tradecraft

Mythic 3.3 Beta: Rise of the Events

A brief overview of Mythic 3.3’s new features Eventing Flows Mythic 3.3 Updates Mythic 3.3 has too many...

By: Cody Thomas
Jul 15, 2024 • 8 min read
Read Post
image for Drink Like a Phish

Research & Tradecraft

Drink Like a Phish

PHISHING SCHOOL How to Make Your Phishing Sites Blend In As you read this, bots are coming...

By: forrest kasler
Jul 9, 2024 • 12 min read
Read Post
image for An AWS Administrator Identity Crisis: Part 1

Research & Tradecraft

An AWS Administrator Identity Crisis: Part 1

BLUF: Every attack path needs a destination. This is a formalized way of describing destinations in...

By: Daniel Heinsen
Jun 28, 2024 • 11 min read
Read Post
image for I Will Make you Phishers of Men

Research & Tradecraft

I Will Make you Phishers of Men

PHISHING SCHOOL Convincing Targets to Click Your Links When it comes to phishing advice, the number one...

By: forrest kasler
Jun 25, 2024 • 21 min read
Read Post
image for How Privileged Identity Management Affects Conditional Access Policies

Research & Tradecraft

How Privileged Identity Management Affects Conditional Access Policies

Introduction When administrators use directory roles (aka Entra ID roles) when configuring Conditional Access Policies (CAPs),...

By: Hope Walker
Jun 20, 2024 • 11 min read
Read Post
image for Mapping Snowflake’s Access Landscape

Research & Tradecraft

Mapping Snowflake’s Access Landscape

Attack Path Management Because Every Snowflake (Graph) is Unique Introduction On June 2nd, 2024, Snowflake released a...

By: Jared Atkinson
Jun 13, 2024 • 28 min read
Read Post
image for Lateral Movement with the .NET Profiler

Research & Tradecraft

Lateral Movement with the .NET Profiler

Lateral Movement with the .NET Profiler The accompanying code for this blogpost can be found HERE. Intro I spend...

By: daniel mayer
Jun 11, 2024 • 8 min read
Read Post
image for Ghostwriter v4.2

Research & Tradecraft

Ghostwriter v4.2

Ghostwriter v4.2: Project Documents & Reporting Enhancements After April’s massive Ghostwriter v4.1 release, we received some...

By: Christopher Maddalena
Jun 10, 2024 • 7 min read
Read Post
image for Automating SCCM with Ludus: A Configuration Manager for Your Configuration Manager

Research & Tradecraft

Automating SCCM with Ludus: A Configuration Manager for Your Configuration Manager

TL;DR: Using Ludus as the backend, and with the help of Erik at Bad Sector Labs,...

By: zach stein
Jun 6, 2024 • 13 min read
Read Post