Pentest MindMap Port and Service Enumeration • Ports Opened: ◇ 22/ssh ◇ 80/http ◇ 111/rpc ◇ 139/smb ◇ 445/smb ◇ 49455/RPC Services Enumeration Port 80: Visiting the Website Scra...

Intro This room explores the AD Certificate Services (AD CS) and the misconfigurations seen with certificate templates. Research done and released as a whitepaper by SpecterOps...

Lampiao Penetration Testing Report

Introduction An adversary may struggle to overcome specific detections when facing an advanced AV engine or EDR. Even after employing some of the most common obfuscation or evasion techniques...

Intro Welcome to Sandbox Evasion Lots of companies deploy a “Defense in Depth” strategy, which refers to implementing security in layers, so if one layer fails, there should be another one that a...

Intro With the release of PowerShell <3 the Blue Team, Microsoft released AMSI (Anti-Malware Scan Interface), a runtime monitoring solution designed to stop and monitor ongoing threats. Lear...

Obfuscation is an essential component of detection evasion methodology and preventing analysis of malicious software. Obfuscation originated to protect software and intellectual property from ...

Introduction An IDS is a system that detects network or system intrusions. One analogy that comes to mind is a guard watching live feeds from different security cameras. He can spot a the...

What is Living off the Land? Living off the Land is a trending term in the red team community. The name is taken from real-life, living by eating available food on the land. Similarly, adve...

Network Topology Introduction In this room, we will look at lateral movement, a group of techniques used by attackers to move around the network while creating as few alerts as possible....