XLS Entanglement
VBA tradecraft is constantly evolving and this past winter, I came across some articles from Adepts of 0xCC. Specifically, their...
Tutorials
Vcenter Server CVE-2021-21985 – RCE PAYLOAD – POC
Note: Vsphere UI is Tomcat middleware by default, so arbitrary code can be executed in the manner of Tomcat RMI...
Overview of Empire 4.0 and C#
The release of Empire 4.0 is just around the corner and we wanted to take some time to walkthrough some...
Empire Dropbox C2 Listener
One of the lesser-known features in Empire is the ability to use alternative Command and Control (C2) methods. Specifically, we...
How To manually check CVE-2021-3156 | Sudo buffer overflow
How to manually test for CVE-2021-3156? Try using the following command. sudoedit -s '\' perl -e 'print "A" x 65536'...
Empire 3.7 and Starkiller 1.6
Last week we announced a new partnership with Kali for Starkiller and Empire. You can read up more about that...
Kali and BC Security Partnership
Background In November, Kali announced a new program for supporting tool developers, which kicked off with sponsoring Byt3Bl33d3r. We are...
KDE Plasma, NVIDIA Prime and External Monitor problems
I've been using KDE plasma for many years on different machines and for the most part, I have been happy...
Hack The Box Walkthrough guide to: Delivery
Disclaimer: I do NOT want you to read this if you have not even tried to attempt any of it...
Bug Bounty API Key Testing CheatSheet
Arrrrgh, Bug Bounty! Slack Webhook If the below command returns missing_text_or_fallback_or_attachments, it means that the URL is valid, any other responses...
How to Integrate a Thinkst Canary Token with Telegram
Thinkst Canary Token WTF is a canary token I hear some of you ask? Well, they are pretty nifty little...
Hack The Box Walkthrough Guide to: ID Exposed
CHALLENGE DESCRIPTIONWe are looking for Sara Medson Cruz's last location, where she left a message. We need to find out...
Whitelisting an IP address in ModSecurity , WordPress troubleshooting, integration and automation.
I have been recently been using Integromat.com for some automation and integration work. IF you are wondering what it is,...
Hack The Box Walkthrough Guide To: Doctor
Disclaimer: I do NOT want you to read this if you have not even tried to attempt any of it...
Hack The Box Walkthrough Guide To: Omni
Disclaimer: I do NOT want you to read this if you have not even tried to attempt any of it...
How to install Tilix on Kali Linux
Do you love using Tilix, but found that the latest version of Kali Linux doesn't seem to support installing it...
Hack The Box Walkthrough Guide To: Academy
Disclaimer: I do NOT want you to read this if you have not even tried to attempt any of it...
Adding Telegram notification to Synology NAS Watchtower
I am going to assume you have already got your NAS working, with a working install of WatchTower.Once that is...
Return of the CLI
The new Empire CLI is out and includes some big changes to the user experience. We rebuilt the CLI to...
Overview Of Empire 3.4 Features
Its been about 2-weeks since we released Empire 3.4, and hopefully, everyone has had a chance to check out all...
Empire: Malleable C2 Profiles
Empire 3.4.0 is our next major release and is packed with one of the most advanced features to-date, Malleable C2....
PowerShell Logging: Obfuscation and Some New(ish) Bypasses Part 1
While giving our talk at the DEF CON Red Team Village a couple of weeks ago, I previewed a PowerShell...
Random SMTP Fun with Telnet
Over the weekend, we were setting up a virtual range for our upcoming class this weekend and was testing a mail server....
Reflective PE Injection in Windows 10 1909
Last month we taught our DEF CON 27 workshop, Introduction to Sandbox Evasion and AMSI Bypasses, as a webinar. It...
