Red Teaming

DNScat2: Application Layer C&C

AlienVault: Threat Hunting/Network Analysis

AlienVault: OSSEC (IDS) Deployment

AlienVault: End user Devices Integration-Lab Setup (Part 2)

SIEM Lab Setup: AlienVault

Defense Evasion with obfuscated Empire

Threat Hunting: Velociraptor for Endpoint Monitoring (Part 2)

SIEM: Windows Client Monitoring with Splunk

Data Exfiltration using Linux Binaries

Threat Hunting: Velociraptor for Endpoint Monitoring

Incident Response: Windows Account Logon and logon Events

Incident Response: Windows Account Management Event (Part 2)

Incident Response: Windows Account Management Event (Part 1)

Incident Response- Linux Cheatsheet

Incident Response: Windows Cheatsheet

Defense Evasion: Alternate Data Streams

SIEM: Log Monitoring Lab Setup with Splunk

Threat Intelligence: MISP Lab Setup

Threat Hunting: Log Monitoring Lab Setup with ELK

Defense Evasion: Hide Artifacts

Remote Code Execution Using Impacket

Abusing Kerberos Using Impacket

Kerberoasting and Pass the Ticket Attack Using Linux

WinRM Penetration Testing

Evil-Winrm: Winrm Pentesting Framework

Domain Persistence: DC Shadow Attack

Domain Persistence AdminSDHolder

Abusing Microsoft Outlook 365 to Capture NTLM

Comprehensive Guide on Password Spraying Attack

Lateral Movement: Pass the Ticket Attack

Lateral Movement: Pass the Cache

Lateral Movement: Over Pass the Hash

Lateral Movement: Pass the Hash Attack

Lateral Movement on Active Directory: CrackMapExec

Lateral Movement: WMI

AS-REP Roasting

Deep Dive into Kerberoasting Attack

Domain Controller Backdoor: Skeleton Key

Kerberos Brute Force Attack

Domain Persistence: Golden Ticket Attack

Impacket Guide: SMB/MSRPC

Data Exfiltration using DNSSteal

RDP Session Hijacking with tscon

Credential Dumping: Windows Autologon Password

Credential Dumping: Fake Services

Credential Dumping: Domain Cache Credential

Credential Dumping: LAPS

Credential Dumping: DCSync Attack

Credential Dumping: Clipboard

Credential Dumping: Local Security Authority (LSA|LSASS.EXE)

Credential Dumping: Phishing Windows Credentials

Credential Dumping: NTDS.dit

Credential Dumping: Applications

Credential Dumping: SAM

Credential Dumping: Security Support Provider (SSP)

Credential Dumping: WDigest

Credential Dumping: Windows Credential Manager

Credential Dumping: Group Policy Preferences (GPP)

Credential Dumping: Wireless

Windows Persistence: Port Monitors

Windows Persistence using Netsh

Windows Persistence using Bits Job

Windows Persistence using WinLogon

Windows Persistence: Accessibility Features

Windows Persistence: RID Hijacking

Windows Persistence using Application Shimming

Bypass Detection for Meterpreter Shell (Impersonate_SSL)

Command & Control: PoshC2

A Deep Drive on Proactive Threat Hunting

Threat Hunting – A proactive Method to Identify Hidden Threat

Evil SSDP: Spoofing the SSDP and UPnP Devices

Multiple Ways to Exploit Windows Systems using Macros

Windows for Pentester: BITSAdmin

Windows for Pentester: Certutil

Guide to Red Team Operations

Command and Control & Tunnelling via ICMP

Cloakify-Factory: A Data Exfiltration Tool Uses Text-Based Steganography

Data Exfiltration using PowerShell Empire

Get Meterpreter Session Alert over slack

Covert Channel: The Hidden Network

Command & Control: Ares

Command & Control: WebDav C2

Command & Control: WebSocket C2

Command and Control with DropboxC2

Command & Control: Silenttrinity Post-Exploitation Agent

Command & Control Tool: Pupy

Command and Control Guide to Merlin

nps_payload: An Application Whitelisting Bypass Tool

GreatSct – An Application Whitelist Bypass Tool

Command and Control with HTTP Shell using JSRat

Koadic – COM Command & Control Framework

TrevorC2 – Command and Control

Generate Metasploit Payload with Ps1encode

Bypass Application Whitelisting using Weak Path Rule

Bypass Application Whitelisting using cmstp

Bypass Application Whitelisting using rundll32.exe (Multiple Methods)

Bypass Application Whitelisting using regsrv32.exe (Multiple Methods)

Bypass Application Whitelisting using wmic.exe (Multiple Methods)

Bypass Application Whitelisting using msbuild.exe (Multiple Methods)

Bypass Application Whitelisting using mshta.exe (Multiple Methods)

Bypass Application Whitelisting using msiexec.exe (Multiple Methods)

Windows Applocker Policy – A Beginner’s Guide

Comprehensive Guide on MSFPC

Multiple Ways to Exploiting Windows PC using PowerShell Empire

Empire GUI: Graphical Interface to the Empire Post-Exploitation Framework

OSX Exploitation with Powershell Empire

Windows Persistence with PowerShell Empire

Multiple Ways to Exploiting OSX using PowerShell Empire

Hiding IP During Pentest using PowerShell Empire (http_hop)

Hacking with Empire – PowerShell Post-Exploitation Agent