on security, rift, stacktitan, redteam, blueteam, sysmon

Learn the Blue to Improve the Red (Part 2)

The only way to get better at offense is to understand the obstacles one may encounter. Learn how to navigate system log data to use it to your advantage. This second post will introduce the reader to ELK and Sysmon along with procedures to deploy these technologies within their own lab environment.…

on security, rift, stacktitan, redteam, blueteam

Learn the Blue to Improve the Red (Part 1)

The only way to get better at offense is to understand the obstacles one may encounter. Learn how to navigate system log data to use it to your advantage. This is the first of many posts around the topic of defense and operational security.…

on security, rift, stacktitan, development

Postman+Burp Macros and Asymmetrical API Testing

This post will walkthrough using Postman+Burp macros to test asymmetrical APIs…

on security, rift, cloud, aws, stacktitan, egress, webdav, letsencrypt, apache, opsec, pentest, adversary

Secure WebDav Egress: AMZ EC2, Apache, and Let's Encrypt

This post will describe the process to setup an AWS EC2 webdav instance with valid Let's Encrypt certificates. This could be used in attacks where the adversary controls the UNC path and wants an alternative encrypted webdav solution.…

on security, rift, phish, stacktitan

Phishing: Redressing Microsoft COM Objects

This post will describe how to overcome an embedded Office COM object from looking less than enticing and making it more phish friendly, such as a clickable button.…