#BlueTeaming

2025-04-12

🔎 MisCloud has just retired! Walkthrough disclosure - right from the clouds 😶‍🌫️

🔸 Google Cloud Services logs
🔸 Intense PCAP analysis
🔸 Really nice real-life scenario

🔗 blog.cyberethical.me/htb-sherl

Want to try investigations yourself?

🔗 blog.cyberethical.me/go-htbapp

#CyberEthical #HackTheBox #forensics #EthicalHacking #blueteaming #itsec #dataexfiltration #googlecloudservices #gcs #pcap #wireshark

2025-04-01

💣 Full write-up for "Tales for the Brave" - this year's Hard forensics challenge from Hack The Box Cyber Apocalypse CTF - Tales From Eldoria.

🔸 Code #deobfuscation
🔸 #Telegram data exfiltration
🔸 Malware behavioral analysis

🔗 blog.cyberethical.me/htb-ctf-2

#CyberEthical #CyberApocalypse25 #HackTheBox #forensics #EthicalHacking #blueteaming #itsec #dataexfiltration #malware

2025-03-27

💣 Full write-up for ToolPie, this year's forensics challenge from Hack The Box Cyber Apocalypse CTF - Tales From Eldoria.

🔸 PCAP (network capture) analysis
🔸 Python bytecode, marshalling, decompiling

🔗 blog.cyberethical.me/htb-ctf-2

#CyberEthical #CyberApocalypse25 #HackTheBox #forensics #python #pcap #wireshark #EthicalHacking #blueteaming #itsec #dataexfiltration

2024-08-29

DEF CON had incredible talks focused on Blue Teaming, TTPs, and war stories about notorious threat actor groups. Here are a few Malachi Walker covers in his latest blog post:

🔹 Behind Enemy Lines: Going undercover to breach the LockBit Ransomware Operation presented by @Jon_dimaggio
🔹 The XZ Backdoor Story: The Undercover Operation That Set the Internet on Fire presented by @fr0gger
🔹 Thrunting or DEATH! (A BTV Panel) with former DTer @jfslowik along with Randy Pargman, @th3CyF0x, Sydney Marrone, and @rj_chap

Get the full scoop on what each talk covered here: domaintools.com/resources/blog

#Ransomware #Cybersecurity #BlueTeaming

2024-03-18

🚨 Must-Read for Cybersecurity Enthusiasts! 🚨

📘 The InfoSec Diaries 📘 – a riveting series of short stories that plunge you into the heart of real-life Information Security adventures. From the high-stakes world of Pen Testing and Blue Teaming to the meticulous detail of Digital Forensics, these tales offer an unprecedented look behind the scenes of cybersecurity's most thrilling operations.

🔍 Why Read The InfoSec Diaries?

Real-Life Scenarios: Explore authentic stories based on real incidents and challenges faced by professionals in the field.

Diverse Perspectives: Whether you're rooting for the defenders in Blue Teaming, strategizing alongside Pen Testers, or uncovering truths with Digital Forensics, there's a story for every cybersecurity enthusiast.

Learn and Grow: Each story is not just a narrative but a lesson in cybersecurity practices, vulnerabilities, and defensive tactics.

📚 Perfect for both seasoned professionals and newcomers to the field, The InfoSec Diaries serves as both a learning resource and an exciting dive into the depths of what it means to protect the digital world.

🔗 Dive into the adventure now: infosecdiaries.com

#InfoSecDiaries #Cybersecurity #PenTesting #BlueTeaming #DigitalForensics #InfoSec #SecurityAwareness

Tedi Heriyanto @tedi@infosec.exchange
2023-12-27
J. R. DePriest :verified_trans: :donor: :Moopsy: :EA DATA. SF: @jrdepriest@infosec.exchange
2023-07-07

@florenciocano
Follow some good hashtags, such as:

#InfoSec #InfoSecurity
#OSINT
#ThreatHunting
#RedTeam #RedTeaming
#BlueTeam #BlueTeaming

#PurpleTeam #PurpleTeaming
#CyberSecurity
#ZeroDay
#PatchTuesday
#Vulnerabilities
#OWASP
#CatsOfMastodon #Caturday #FediCats

Edit: I have no idea why there is an extra linebreak in there. MarkDown! :arthurfist:

2023-03-15

OffSec (formerly Offensive Security) has released a new Linux distribution named Kali Purple, read more here: kryptera.se/kali-purple-fran-o

#offensivesecurity #linux #offsec #kali #cybersecurity #purpleteam #blueteaming #blueteam

Damon Mohammadbagher ✅ @DamonMohammadbagher@infosec.exchange
2023-03-10

All my source code for #redteaming & #pentesting + #blueteaming
All in one ;D, here in this repository

[offensive] NativePayload_PE1
[offensive] NativePayload_ARP
[offensive] NativePayload_ARP2
[offensive] NativePayload_BSSID
[offensive] NativePayload_CBT
[offensive] NativePayload_DNS
[offensive] NativePayload_DNS2
[offensive] NativePayload_DynLCI
[offensive] NativePayload_HTTP
[offensive] NativePayload_ICMP
[offensive] NativePayload_IP6DNS
[offensive] NativePayload_Image
[offensive] NativePayload_MP
[offensive] NativePayload_ReverseShell
[offensive] NativePayload_Reverse_tcp
[offensive] NativePayload_TId
[offensive] NativePayload_TiACBT
[offensive] NativePayload_Tinjection
[defensive] BEV4
[defensive] ETWProcessMon2
[defensive] ETWNetMonv3
[defensive] MPD

#offensive #defensive #csharp #code #opensource #learning

github.com/DamonMohammadbagher

Damon Mohammadbagher ✅ @DamonMohammadbagher@infosec.exchange
2023-01-28

Video: Kaspersky v21.3 vs. new C# code, bypassed very well

Some real sources: some engineers in some anti-virus companies say "COME-ON" ;D etc.

Simple technique to load an assembly/bytes into the local process (in-memory) via C# delegation + native APIs and bypass anti-viruses ;). Some parts of the code were changed via [D]elegate techniques, which I called [Technique ;D], to change some behavior of the code (and also change the source code) and ...
youtube.com/watch?v=sqyKqiU1ls

Source code => lnkd.in/eZEEhfDY
Article => lnkd.in/e4PPJe7R

#bypass #bypassav #redteaming #pentesting #blueteaming #csharp #offensivesecurity #offensive #kaspersky #redteam #pentest

Damon Mohammadbagher ✅ @DamonMohammadbagher@infosec.exchange
2023-01-27

Two C# methods, tested on Win 11 [v22H2] with the latest updates.

Simple #Technique to load an assembly/bytes into the local process (#inmemory) via C# #Delegation + #Native #APIs and #Bypassing anti-viruses ;). Some parts of the code were changed via [D]elegate techniques, which I called [Technique ;D], to change some #behavior of the code (and also change the source code). The method is not really new, but the C# code is a little bit ;D [I have used this since 2022]: changing RWX to X and after 2 min to RX in "NativePayload_PE1.cs", or changing RWX to X only in "NativePayload_PE2.cs"
and
some anti-virus companies say "COME-ON", like Kaspersky ;D

Note: as a #pentester you really need to change your own code, sometimes very fast; this code was changed and again worked very well, and as a #securityresearcher it is really fun to always find new methods/code to bypass AVs ;D

Article => lnkd.in/e4PPJe7R
Source code => lnkd.in/eZEEhfDY

#bypass #bypassav #redteaming #pentesting #blueteaming #csharp #offensivesecurity #offensive

Damon Mohammadbagher ✅ @DamonMohammadbagher@infosec.exchange
2023-01-22

Two C# methods vs. "Kaspersky cloud security v21.3"
Now tested against Kaspersky with the latest update (22/1/2023), and bypassed it very well

Simple #Technique to load an assembly/bytes into the local process (#inmemory) via C# #Delegation + #Native #APIs and #Bypassing anti-viruses ;). Some parts of the code were changed via [D]elegate techniques, which I called [Technique ;D], to change some #behavior of the code (and also change the source code). The method is not really new, but the C# code is a little bit ;D [I have used this since 2022]: changing RWX to X and after 2 min to RX in "NativePayload_PE1.cs", or changing RWX to X only in "NativePayload_PE2.cs"
and
some anti-virus companies say "COME-ON", like Kaspersky ;D

Note: as a #pentester you really need to change your own code, sometimes very fast; this code was changed and again worked very well, and as a #securityresearcher it is really fun to always find new methods/code to bypass AVs ;D

Article => linkedin.com/pulse/2-simple-c-

Source code => github.com/DamonMohammadbagher

#bypass #bypassav #redteaming #pentesting #blueteaming #csharp #offensivesecurity #offensive #kaspersky

Slayerranger/Crackamphetamine @crackamphetamine@cyberplace.social
2023-01-20

Between #BlueTeaming and #RedTeaming I strongly prefer the "darker shade of purple". Gives you a better understanding of the mitigations you are facing. Trying hard to work on my defensive skills.

Damon Mohammadbagher ✅ @DamonMohammadbagher@infosec.exchange
2023-01-14

I saw some articles and posts in which some red-teamers and pentesters talked about what they know and what they can do via C++ and why they think they are better than others ;D (too arrogant), just because they know a little about doing something via C++, and they think that with other languages you CAN NOT DO that (just because they know nothing about other languages), and they talk about other languages like Java or C# and say "hey, Java is awful" or "C# is not even a programming language" (these guys make me laugh ;D, and it's clear they really don't know what they are saying about others and about other programming languages ;p) etc.
To me (or probably to all of us) it is not important who you are, what you did, or how many years of experience you have in #redteaming #pentesting #blueteaming,
but the thing that is really important to me is "be #humble as an [adult guy]", and believe me, mocking others just shows that you know nothing about the thing you are talking about (like other #programming #languages).

I saw a lot of pentesters/red-teamers, some of them even younger than me and with less pentesting/redteaming experience than me, who have very nice and powerful programming skills for bypassing AVs/EDRs, "better than me", and I learned a lot of things from them; some of them are C#, C++, Java, Python/Rust developers, etc. Believe it or not, even some C++ or C# developers who are not in my cyber security field were my best instructors and I learned a lot of things from them, and I did not ignore them for learning new things just because they are developers, etc.
Also,
I saw some #Redteamers or #Pentesters who never write C2 server/client code themselves (they always work with #C2 tools made/written by others) talk about other red-teamers/#Securityresearchers who made a C2 server themselves in any language like C++/C#/Java... and mock them for their work or their code, and again that is because they are not real/good programmers and they "can not do" that; more often than not, that's why they talk about others like that ;). Believe me, programming is not easy in fields like pentesting/redteaming, and C2 programming really IS NOT EASY, especially if you want to write the C2 server yourself, so you guys really don't know anything about programming and still talk about it ;D

I know C++, but I never talk about C++ like that, saying you can't do that in C++ and only in C# can you do it; instead I said you can do this in C# simply, which you probably can not do in C++ SIMPLY.
That means that just because "I am not a C++ pro programmer" I can not say you CAN NOT DO THAT IN C++... (because I know you can probably do that in any language, but the question is how).

It does not matter who you are and where you live, or who you work for; the important thing is "be humble" and "be a good learner" without "arrogant, childish things".

Finally, to those who make code themselves: let others learn from you and don't listen to these types of
guys (make your own chik chik)
