SMBExec: Red Side Analysis (Part 2)
STACKTITAN's Alex Mason is back with part II in this tradecraft series. This time around he demonstrates modifying SMBExec to bypass various detections.…
LOG4J: Vulnerability Detection and Remediation
Get to the Point This is short and sweet because the info is out there, and we just want to direct people to the collective, without the "jump to the recipe" bloat. We are not going to reiterate what has already been provided numerous times elsewhere on the interwebs. What…
Learn the Blue to Improve the Red (Part 2)
The only way to get better at offense is to understand the obstacles one may encounter. Learn how to navigate system log data to use it to your advantage. This second post will introduce the reader to ELK and Sysmon along with procedures to deploy these technologies within their own lab environment.…
Learn the Blue to Improve the Red (Part 1)
The only way to get better at offense is to understand the obstacles one may encounter. Learn how to navigate system log data to use it to your advantage. This is the first of many posts around the topic of defense and operational security.…
Postman+Burp Macros and Asymmetrical API Testing
This post will walkthrough using Postman+Burp macros to test asymmetrical APIs…