Home

redteam

View All C2 True Cybercrime Pentesting Cybersecurity Cybersecurity Insights Evasion Enumeration Cybersecurity Research Operational Security RedTeam Privilege Escalation Persistence Physical Access Offensive Security Social Engineering

Mar 21, 2024 4 min read

Privilege Escalation

Privilege Escalation with KrbRelayUp

KrbRelayUp is a no-fix method for privilege escalation - that's why it's still very interesting and usable.

Mar 19, 2024 3 min read

Pentesting

Install Pentesting Toolkit on non-rooted, modern Phone

Got your new Schmalaxy SXT9000 Smartphone with the great features and security, but it's already boring? Let's bring tools like Metasploit or SQLMap into your Pocket

img of Start It Up! PELoader Running AES Encrypted Shellcode

Mar 18, 2024 2 min read

Evasion

Start It Up! PELoader Running AES Encrypted Shellcode

We already explored many simple pathes to be able to run exe files while bypassing EDR like Defender. Now we go a step further.

img of Use Functional Style Coding to Evade Defender and other Code Scanners

Mar 17, 2024 5 min read

Cybersecurity Research

Use Functional Style Coding to Evade Defender and other Code Scanners

About one year ago we proposed the use of alternative coding styles to evade code scanners. Guess we gotta prove that it works.

img of Make Payloads That Cannot be Identified as Executable

Mar 16, 2024 5 min read

Cybersecurity Research

Make Payloads That Cannot be Identified as Executable

Using a few tricks we can make a PE payload, that looks like a PDF - including file name.

img of sln Exploits - Weaponizing .csproj Files

Mar 15, 2024 2 min read

Cybersecurity Research

sln Exploits - Weaponizing .csproj Files

Exploiting suo and csproj files recently gained attention, used in attacks on Cybersecurity researchers. We found another way