This blogpost will be a bit different, as it's going to tell a bit of a story... In this blogpost I want to achieve 2 objectives: address a question I keep hearing and seeing pop up in my DM every now and then, "how do I become a red teamer/ how do I become a … Continue reading I Solemnly Swear I Am Up To No Good. Introducing the Marauders Map
Ever needed a notifier when a new beacon checks in? Don't want to keep checking your Cobalt-Strike server every 5 minutes in the hopes of a new callback? We got you covered! Introducing the notification-service aggressor script available athttps://github.com/NVISOsecurity/blogposts/tree/master/cobalt-strike-notifier If the above image resonates with you, you'll know that the point between sending out your … Continue reading Tap tap… is this thing on? Creating a notification-service for Cobalt-Strike
This blogpost showcases several methods of dynamic invocation that can be leveraged to bypass inline and IAT hooks.
During some redteam engagements, we find ourselves in the need of writing DLL's. However, debugging DLL's is not as easy as it seems, as a DLL isn't built to run on its own.In this article, we will explore how you can debug a DLL effectively. What is a DLL? A DLL is short for a … Continue reading Debugging DLL’s – 3 techniques to help you get started
Ever wondered how tools like ExifTool or stegano programs work under the hood? Ever wanted to create your own program to embed secret data into images? In this is a short blog post on how to embed secret data in image files. This is something you can do as a party trick, some sort of … Continue reading Under the hood: Hiding data in JPEG images
During our red team engagements, we are often reliant on a command and control infrastructure. Typically these infrastructures are capable of loading .NET assemblies in memory, which gave me the idea of coding a filesearcher assembly. This was partially invented because of a CTF event I was participating in which had me hunting several file … Continue reading Unmanaged file searching with Filesearcher.exe
Introduction We are happy to announce that the awesome people maintaining the Sigma project on GitHub have merged our work to support the ee-outliers backend! So what you can you do with this? Sigma already contained support for Elasticsearch through the es-dsl and es-qs backends. However, these generate queries then need to be integrated by … Continue reading Sigma engine adds support for ee-outliers backend: start tagging your Sigma hits in Elasticsearch!
Introduction Earlier this week, we released logalert.py, a simple python tool that can be used to pipe standard output to email for the purpose of alerting. In this blog post we want to give a concrete example of how logalert.py can be used to get simple & reliable email notifications about suspicious firewall connections, based on … Continue reading Email alerting on geographically suspicious firewall connections using logalert.py, geoiplookup and AbuseIPDB
Introduction Today we are releasing a small but useful tool, logalert.py. This tool can be used to pipe standard output to email for the purpose of alerting. A simple caching system is used to avoid sending duplicate alerts within a certain timeframe. The tool was developed for cases where you want a simple and robust … Continue reading Releasing logalert.py – Smart piping of command output to email for alerting
Ranked #1 on HackTheBox Belgium Not so long ago, I achieved a milestone in my penetration testing career.: reaching rank 1 on HackTheBox. For those of you that don't know what Hack The Box (HTB) is: Hack The Box is an online platform allowing you to test your penetration testing skills and exchange ideas and … Continue reading My journey reaching #1 on Hack The Box Belgium – 10 tips, tricks and lessons learned.