Red teaming matters more than ever in 2025 and beyond. Find out how organizations are red teaming with AI to fight AI.| CDInsights
Reverse proxy phishing with Evilginx is a technique where a phishing site acts as a proxy server, intercepting legitimate requests and forwarding them to the genuine website while capturing sensitive information from users. This approach allows us to create convincing phishing campaigns by seamlessly proxying the target site, making it [...]| Krptyk
Remote debugging is a powerful feature that allows developers to connect to a running browser instance and control it externally. This capability, however, can be turned into a potent tool in the hands of a red team aiming to probe the defenses of a target organization. What is remote debugging? [...]| Krptyk
This post is a continuation of the Chrome cookie theft series. Previously I walked through how we can exfiltrate and decrypt the cookies from a user's Chromium browser. But what if the user is currently using their browser? If this is the case then we can’t just copy and paste [...]| Krptyk
This post is a continuation of the Chrome decryption series. Previously I walked through how we can exfiltrate and decrypt the login data (credentials) from a user's Chrome browser. While capturing login data is a treasure trove of info, there’s another dimension to this exploration: cookies. Cookies, those seemingly innocuous [...]| Krptyk
Active Directory (AD) is the heart of many corporate networks, and as a penetration tester, understanding how to navigate and manipulate it is essential. In this guide, we will explore the powerful tool ADExplorer and uncover its various applications for offensive purposes. ADExplorer is part of Mark Russinovich’s Sysinternals suite, [...]| Krptyk
The Tastic RFID Thief was created nearly ten years ago, and it only seemed fitting to bring this up again since, well, it still works today. Why does it still work? Well, replacing an entire building's access control systems is extremely expensive so outdated technology is left since theoretically it [...]| Krptyk
Security assessment of Meta's Llama 4 Scout and Maverick models shows medium risk (52-58%) with notable jailbreak vulnerabilities.| protectai.com
Failing to meet CMMC requirements can result in immediate and long-term business risks, particularly for organizations in the Department of Defense (DoD) DIB supply chain.| fortreum.com
The biggest threat to the success of a professional development programme – or any school improvement intervention – is so obvious it gets missed. Teachers are busy and schools are complicated. So what actually happens never matches what you intend to happen. New leaders of professional development are sometimes surprised by this. Experienced leaders aren’t […]| Improving Teaching
Depending on the customer’s preference, possible initial access vectors in our red teaming exercises typically include deployment of dropboxes, (device code) phishing or a stolen portable device. The latter is usually a Windows laptop protected by BitLocker for full disk encryption without pre-boot authentication, i.e. without a configured PIN or an additional key file. While […]| Compass Security Blog
Coercing the domain controller machine account to authenticate to a host which is under the control of a threat actor could lead to domain compromise. The most notable technique which involves coer…| Pentest Laboratories
The binary fltMC.exe is used to manage minifilter drivers. You can easily load and unload minifilters using this binary. To unload the Sysmon driver you can use: fltMC unload SysmonDrv If this bina…| 🔐Blog of Osanda
TLDR: Introducing a certipy parse command to perform stealthy offline AD CS enumeration based on local registry data.| blog.compass-security.com
This blog post introduces our new custom queries for BloodHound Community Edition (CE) and explains how you can use them effectively to analyze your Active Directory infrastructure.| blog.compass-security.com
Master Active Directory pentesting using Netexec. Gain insights into enumeration, privilege escalation, and more.| Hacking Articles
In this post, we will explore the exploitation of Discretionary Access Control Lists (DACL) using the WriteOwner permission in Active Directory environments. The WriteOwner permission| Hacking Articles
In this post, we will explore the exploitation of Discretionary Access Control Lists (DACL) using the GenericWrite permission in Active Directory environments. This permission can| Hacking Articles
In this post, we explore the exploitation of Discretionary Access Control Lists (DACL) using the ForcePasswordChange permission in Active Directory environments. This permission is especially| Hacking Articles
In this post, we explore the exploitation of Discretionary Access Control Lists (DACL) using the Generic ALL permission in Active Directory environments. This permission provides| Hacking Articles
NetExec (nxc) is a powerful network exploitation tool developed as a modern successor to CrackMapExec (CME), which was widely used by penetration testers and red| Hacking Articles
Blogs related to information security.| 3xpl01tc0d3r.blogspot.com
Windows Remote Management (WinRM) is a protocol developed by Microsoft for remotely managing hardware and operating systems on Windows machines. It is a component of| Hacking Articles
As per a survey, 68% of companies believe that Red Teaming outperforms Blue Teaming. What if your organization's defenses were stress-tested not through routine audits| WeSecureApp :: Securing Offensively
This is my review of the Pentester Academy Red Team Lab. I got the possibility to try out the Red Team Lab (Thanks Nikhil Mittal) and I wanted to write my experiences with it. This was a lot of fun and I learned a lot of stuff along the road. It started out with a … Continue reading Doing the PentesterAcademy Red Team Lab→| Oddvar Moe's Blog
Explore Pwncat, a powerful penetration testing tool, for reverse shells, port forwarding, and file transfers with ease.| Hacking Articles