[ Tyl0us, Matt Eidelberg ]
Check out my talk focusing on shining a light on the mindset of a red team and how they covertly compromise an organization's security. Lots of great TTPs and stories to share check it out #SourceZeroCon https://t.co/FiiVCJhi0t #netsec #redteam #evasion
http://bit.ly/3K3argl
[ Tyl0us, Matt Eidelberg ]
Small update to ScareCrow. Shoutout to @mariuszbit for the feature request. Check it out: https://t.co/VIQVnKd2tJ
#netsec #redteam #EDR #evasion
https://github.com/optiv/ScareCrow
[ Tyl0us, Matt Eidelberg ]
Mangle is a tool that manipulates aspects of compiled PEs to avoid detection from EDRs. It can strip out IoCs and inflate files to avoid detection and more. Check it out https://t.co/lpQCrDGnd1 #netsec #redteam #evasion
https://github.com/optiv/Mangle
[ Tyl0us, Matt Eidelberg ]
New Tool - Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods. Check it out: https://t.co/hjB7aXqVhy
#netsec #redteam #EDR #evasion
https://github.com/optiv/Freeze
[ naksyn, Diego Capriotti ]
Here's a pure Python implementation of MemoryModule technique to load a dll from memory. If using python is an option in your engagement, you can execute your dlls without injection or shellcode.
check it out!
https://t.co/N7yDE061Hs
#redteaming #DYORredteamtip #evasion
https://github.com/naksyn/PythonMemoryModule/
[ Tyl0us, Matt Eidelberg ]
ScareCrow 5.0 is out now, a massive rewrite of the framework with huge new features, IoC's removed & new evasion techniques added. If you are curious take a look at the changelog. Check it out: https://t.co/VIQVnKd2tJ #netsec #redteam #EDR #evasion
https://github.com/optiv/ScareCrow
[ DarkCoderSc, Jean-Pierre LESUEUR ]
Interested in C2 over FTP(S)? Explore my new project, SharpFtpC2, which enables execution of shell commands on remote systems via FTP(S). Currently in beta and lacking encryption, but it's on the way: https://t.co/9Dkf19MhJL
#InfoSec #Malware #Network #Evasion #FTP
https://github.com/DarkCoderSc/SharpFtpC2