How to Emulate a Ransomware Attack

Overview Ransomware is here to stay, and cyber security professionals need to be trained to prevent, detect, respond to, and recover from ransomware attacks. So, how do we do that in an ethical and repeatable way? This post will walk through how SpecterInsight’s ransomware emulation capability works and give insight into the inner workings of a […]

How to Leverage Internal Proxies for Lateral Movement, Firewall Evasion, and Trust Exploitation

Overview The primary tactic we will be exploring in this post is the use of proxies inside of a target network. There are a lot of different types of proxies for both offense and defense. This post will focus on Internal Proxies (MITRE 1090.001) which are a sub-technique of Proxy (MITRE 1090). We will cover

Credential Harvesting with PowerShell and SpecterInsight

Overview Credential harvesting, also known as credential theft or credential stealing, refers to the collection of sensitive authentication information from individuals or systems. The goal of credential harvesting is to obtain usernames, passwords, or other authentication tokens that allow access to protected resources. This post will cover a variety of different credential harvesting techniques, how to

Persistence with WMI Event Subscription and PowerShell Cradles

Overview In this post, we are going to demonstrate how to build a script to automate persistence laydown via WMI Event Subscription and dynamically generated PowerShell payloads. By the end, we will have a single parameterized script that can be leveraged to establish signature-resistant persistence, thus alleviating much of the tedious manual work
