blog category
Research & Tradecraft
Research & Tradecraft
Background If you’ve found yourself on a red team assessment without SharpHound (maybe due to OPSEC...
Jan 30, 2024 • 13 min read
Read Post
Research & Tradecraft
ADCS Attack Paths in BloodHound — Part 1
ADCS Attack Paths in BloodHound — Part 1 Since Will Schroeder and Lee Christensen published the Certified Pre-Owned whitepaper,...
Jan 24, 2024 • 16 min read
Read Post
Research & Tradecraft
Calling Home, Get Your Callbacks Through RBI
Authored By: Lance B. Cain and Alexander DeMine Overview Remote Browser Isolation (RBI) is a security...
Jan 17, 2024 • 22 min read
Read Post
Research & Tradecraft
Sleepy — Python Tooling for Sleep
Sleepy — Python Tooling for Sleep Thank you to SpecterOps for supporting this research and to Sarah, Cody, and...
Dec 14, 2023 • 7 min read
Read Post
Research & Tradecraft
Mythic v3.2 Highlights: Interactive Tasking, Push C2, and Dynamic File Browser
TL;DR; Mythic v3.2 has Push C2, Interactive Async Tasking, TypedArray parameters, new graphing libraries in the...
Nov 29, 2023 • 10 min read
Read Post
Research & Tradecraft
Merlin’s Evolution: Multi-Operator CLI and Peer-to-Peer Magic
Image Generated by https://hotpot.ai/art-generator Over the past year, I’ve been working on making significant updates to...
Nov 15, 2023 • 9 min read
Read Post
Research & Tradecraft
On Detection: Tactical to Functional
Part 11: Functional Composition Introduction Welcome back to part 11 of the On Detection blog series....
Nov 14, 2023 • 21 min read
Read Post
Research & Tradecraft
Streamlining Devcontainer Workflow: SSH Authentication and Key Signing with 1Password