TL;DR The Microsoft-Windows-Threat-Intelligence ETW Provider is a very powerful tool to detect many kill chain attacks such as memory injection and others. In this blog, I will show a way to take...
Setting up an automated Red Team Infrastructure (REDCELL)
Redcell is an Infrastructure as Code lab for red team operations. It's built using Vagrant and Ansible, and it can be deployed and run locally. This lab is made of six virtual machines that se...
Setting up an Nginx Redirector for Covenant C2
What is Covenant C2? Covenant is a .NET command and control framework and web application that aims to highlight the attack surface of .NET, make the use of offensive .NET tradecraft easier, a...