Building, Modifying, and Packing with Azure DevOps

In this post I will be showing how to build a Azure DevOps pipeline for .NET projects, and hopefully show some techniques which I have found useful to modify build artifacts to make them a bit different, and in some cases, to increase the time it takes to analyse our tools if detected by Blue Team.…

Read more »

Azure AD Connect for Red Teamers

With clients increasingly relying on cloud services from Azure, one of the technologies that has been my radar for a while is Azure AD. For those who have not had the opportunity to work with this, the concept is simple, by extending authentication beyond on-prem Active Directory, users can authenticate with their AD credentials against Microsoft services such as Azure, Office365, Sharepoint, and hundreds of third party services which support Azure AD.If we review the available documentation, Microsoft show a number of ways in which Azure AD can be configured to integrate with existing Active…

Read more »

How to Argue like Cobalt Strike

In Cobalt Strike 3.13, the argue command was introduced as a way of taking advantage of argument spoofing. I was first made aware of the concept while watching Will Burgess's awesome talk RedTeaming in the EDR Age, with Will crediting Casey Smith who presented the idea during a series of tweets.As with anything introduced to Cobalt Strike which has the chance to improve operational security, I wanted to dig into the concept further to see just how this technique worked under the hood, and to understand just how we can leverage this in other tools developed outside of Cobalt Strike. To start ou…

Read more »

ActiveBreach, powered by Ethereum Blockchain

Posted on

I’m not actually sure when the abstraction of Blockchain started or when it became such a marketing buzzword, but with so many things claiming to be “Powered by The Blockchain”, I wanted to dig into the technology to understand if there was any benefit to be had by an aggressor.…

Read more »