Red Teaming
DNScat2: Application Layer C&C
AlienVault: Threat Hunting/Network Analysis
AlienVault: OSSEC (IDS) Deployment
AlienVault: End user Devices Integration-Lab Setup (Part 2)
Defense Evasion with obfuscated Empire
Threat Hunting: Velociraptor for Endpoint Monitoring (Part 2)
SIEM: Windows Client Monitoring with Splunk
Data Exfiltration using Linux Binaries
Threat Hunting: Velociraptor for Endpoint Monitoring
Incident Response: Windows Account Logon and logon Events
Incident Response: Windows Account Management Event (Part 2)
Incident Response: Windows Account Management Event (Part 1)
Incident Response- Linux Cheatsheet
Incident Response: Windows Cheatsheet
Defense Evasion: Alternate Data Streams
SIEM: Log Monitoring Lab Setup with Splunk
Threat Intelligence: MISP Lab Setup
Threat Hunting: Log Monitoring Lab Setup with ELK
Defense Evasion: Hide Artifacts
Remote Code Execution Using Impacket
Abusing Kerberos Using Impacket
Kerberoasting and Pass the Ticket Attack Using Linux
Evil-Winrm: Winrm Pentesting Framework
Domain Persistence: DC Shadow Attack
Domain Persistence AdminSDHolder
Abusing Microsoft Outlook 365 to Capture NTLM
Comprehensive Guide on Password Spraying Attack
Lateral Movement: Pass the Ticket Attack
Lateral Movement: Pass the Cache
Lateral Movement: Over Pass the Hash
Lateral Movement: Pass the Hash Attack
Lateral Movement on Active Directory: CrackMapExec
Deep Dive into Kerberoasting Attack
Domain Controller Backdoor: Skeleton Key
Domain Persistence: Golden Ticket Attack
Data Exfiltration using DNSSteal
RDP Session Hijacking with tscon
Credential Dumping: Windows Autologon Password
Credential Dumping: Fake Services
Credential Dumping: Domain Cache Credential
Credential Dumping: DCSync Attack
Credential Dumping: Local Security Authority (LSA|LSASS.EXE)
Credential Dumping: Phishing Windows Credentials
Credential Dumping: Applications
Credential Dumping: Security Support Provider (SSP)
Credential Dumping: Windows Credential Manager
Credential Dumping: Group Policy Preferences (GPP)
Windows Persistence: Port Monitors
Windows Persistence using Netsh
Windows Persistence using Bits Job
Windows Persistence using WinLogon
Windows Persistence: Accessibility Features
Windows Persistence: RID Hijacking
Windows Persistence using Application Shimming
Bypass Detection for Meterpreter Shell (Impersonate_SSL)
A Deep Drive on Proactive Threat Hunting
Threat Hunting – A proactive Method to Identify Hidden Threat
Evil SSDP: Spoofing the SSDP and UPnP Devices
Multiple Ways to Exploit Windows Systems using Macros
Windows for Pentester: BITSAdmin
Cloakify-Factory: A Data Exfiltration Tool Uses Text-Based Steganography
Data Exfiltration using PowerShell Empire
Get Meterpreter Session Alert over slack
Covert Channel: The Hidden Network
Command & Control: WebSocket C2
Command and Control with DropboxC2
Command & Control: Silenttrinity Post-Exploitation Agent
Command and Control Guide to Merlin
nps_payload: An Application Whitelisting Bypass Tool
GreatSct – An Application Whitelist Bypass Tool
Command and Control with HTTP Shell using JSRat
Koadic – COM Command & Control Framework
TrevorC2 – Command and Control
Generate Metasploit Payload with Ps1encode
Bypass Application Whitelisting using Weak Path Rule
Bypass Application Whitelisting using cmstp
Bypass Application Whitelisting using rundll32.exe (Multiple Methods)
Bypass Application Whitelisting using regsrv32.exe (Multiple Methods)
Bypass Application Whitelisting using wmic.exe (Multiple Methods)
Bypass Application Whitelisting using msbuild.exe (Multiple Methods)
Bypass Application Whitelisting using mshta.exe (Multiple Methods)
Bypass Application Whitelisting using msiexec.exe (Multiple Methods)
Windows Applocker Policy – A Beginner’s Guide
Multiple Ways to Exploiting Windows PC using PowerShell Empire
Empire GUI: Graphical Interface to the Empire Post-Exploitation Framework
OSX Exploitation with Powershell Empire
Windows Persistence with PowerShell Empire
Multiple Ways to Exploiting OSX using PowerShell Empire