In July 2011, John Leitch of autosectools.com talked about a technique he called process hollowing in his whitepaper here. Ever since then, many malware campaigns
Windows developed the Antimalware Scan Interface (AMSI) standard that allows a developer to integrate malware defense in his application. AMSI allows an application to interact
Responder is a widely used tool in penetration testing scenarios, and red teamers often use it for lateral movement across the network. Additionally, Responder offers
Hi, Pentesters! In this article, we are going to focus on the Kali Linux tool “Cewl” which will basically help you to create a wordlist.
According to MITRE, “Adversaries can use the COM system to insert malicious code that executes in place of legitimate software by hijacking COM references and
During Red Team assessments, after an attacker has compromised a system, they often move laterally through the network, gaining more relevant information on other systems.
In this article, we explore how a WebClient Workstation Takeover can occur during lateral movement by abusing WebDAV shares. Inspired by @tifkin_’s and the Certified
Often times attackers have the need to generate a wordlist based on certain criteria which are required for pentest scenarios like password spraying/brute-forcing. Other times
Parent PID spoofing is an access token manipulation technique that helps an attacker evade defense mechanisms such as heuristic detection by spoofing the PPID of