home.social

#crto — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #crto, aggregated by home.social.

fetched live
  1. I’ve just published the second guide (out of three I’m going to publish on Crystal Palace, and in this case on Mythic C2. The first one is the one I published a few days ago, which breaks down Crystal Palace in great detail), with this one focusing more on Mythic C2, Xenon Agent and how I apply ‘Crystal Palace’ within this infrastructure.

    In this guide, I don’t explain how I bypass EDRs, but rather how Mythic actually works, as it’s a really interesting project for long-term personal and business C2 set-ups, and how the link with Crystal Palace works at a logical level.

    Finally, in the last piece of documentation, due out in a couple of days, I’ll tackle the subject of that infamous loader that I think we all hate. I’ll speak from my own experience and because I use Rust covering what I’ve learnt from Altered Security CETP and Zero-Point Security Ltd CRTL, as well as my personal preferences.

    In the meantime, here’s the link and a diagram that more or less represents (IN A VERY SIMPLIFIED, EXTREMELY SUMMARISED AND CONCISE WAY) a current workflow using Mythic to evade, in my case, Elastic 9.4.2, MDE and CrowdStrike (I do miss having a CrowdStrike licence; mine ran out a month and a half ago 😭 )

    (The documentation is in Spanish.:) )

    fallenangel666-blog.pages.dev/

    #Malware #CRTO #CRTL #ciberseguridad #hacking #windows #cybersecurity #RedTeam #kernel #C2 #mythicc2 #cobaltstrike #ring0

  2. Criteo targets Luxembourg redomicile; U.S. move possible in 2027 | CRTO SEC Filing

    Filed by Criteo S.A. pursuant to Rule 425 under the Securities Act of 1933 and deemed filed pursuant…
    #Luxembourg #Luxemburg #LU #Europe #Europa #EU #criteo #CRTO #directlisting #FormS-4 #Lëtzebuerg #luxembourg #redomiciliation #taxrate
    europesays.com/2971023/

  3. That's how it ends, with the #CRTO certificate. One of he best courses I attended so far!

  4. That's how it ends, with the #CRTO certificate. One of he best courses I attended so far!

  5. That's how it ends, with the #CRTO certificate. One of he best courses I attended so far!

  6. Got in some practice "pillaging" DPAPI. Next, more lateral movement practice. #CRTO #GetSmart

  7. Got in some practice "pillaging" DPAPI. Next, more lateral movement practice. #CRTO #GetSmart

  8. Got in some practice "pillaging" DPAPI. Next, more lateral movement practice. #CRTO #GetSmart

  9. Got in some practice "pillaging" DPAPI. Next, more lateral movement practice. #CRTO #GetSmart

  10. Got in some practice "pillaging" DPAPI. Next, more lateral movement practice. #CRTO #GetSmart

  11. Phishing bit worked. Need to rework the persistence. First crack didn't work as expected. #CRTO #GetSmart #PracticeMakesPerfect

  12. Phishing bit worked. Need to rework the persistence. First crack didn't work as expected. #CRTO #GetSmart #PracticeMakesPerfect

  13. Phishing bit worked. Need to rework the persistence. First crack didn't work as expected. #CRTO #GetSmart #PracticeMakesPerfect

  14. Phishing bit worked. Need to rework the persistence. First crack didn't work as expected. #CRTO #GetSmart #PracticeMakesPerfect

  15. Phishing bit worked. Need to rework the persistence. First crack didn't work as expected. #CRTO #GetSmart #PracticeMakesPerfect

  16. We are thrilled to announce that #AdversaryWars #AdversaryVillageCTF at @defcon 31 has secured a Gold sponsorship from Zero-Point Security and RastaMouse, the creator of the awesome #CRTO #RedTeamOps #AdversarySimulation course.
    We extend our heartfelt gratitude to #ZeroPointSecurity and Rasta for their unwavering support to the #AdversaryVillage community.

    For more information, please visit our webpage: adversaryvillage.org/adversary
    Learn more about Zero-Point Security training: training.zeropointsecurity.co.

    #PurpleTeam #BreachSimulation #BAS #AdversaryTactics #DEFCON31 #AdversaryEmulation #AdversaryMindset #AdversaryTradecraft #CTF #AdversaryWarsCTF #DEFCON

  17. We are thrilled to announce that #AdversaryWars #AdversaryVillageCTF at @defcon 31 has secured a Gold sponsorship from Zero-Point Security and RastaMouse, the creator of the awesome #CRTO #RedTeamOps #AdversarySimulation course.
    We extend our heartfelt gratitude to #ZeroPointSecurity and Rasta for their unwavering support to the #AdversaryVillage community.

    For more information, please visit our webpage: adversaryvillage.org/adversary
    Learn more about Zero-Point Security training: training.zeropointsecurity.co.

    #PurpleTeam #BreachSimulation #BAS #AdversaryTactics #DEFCON31 #AdversaryEmulation #AdversaryMindset #AdversaryTradecraft #CTF #AdversaryWarsCTF #DEFCON

  18. We are thrilled to announce that #AdversaryWars #AdversaryVillageCTF at @defcon 31 has secured a Gold sponsorship from Zero-Point Security and RastaMouse, the creator of the awesome #CRTO #RedTeamOps #AdversarySimulation course.
    We extend our heartfelt gratitude to #ZeroPointSecurity and Rasta for their unwavering support to the #AdversaryVillage community.

    For more information, please visit our webpage: adversaryvillage.org/adversary
    Learn more about Zero-Point Security training: training.zeropointsecurity.co.

    #PurpleTeam #BreachSimulation #BAS #AdversaryTactics #DEFCON31 #AdversaryEmulation #AdversaryMindset #AdversaryTradecraft #CTF #AdversaryWarsCTF #DEFCON

  19. We are thrilled to announce that #AdversaryWars #AdversaryVillageCTF at @defcon 31 has secured a Gold sponsorship from Zero-Point Security and RastaMouse, the creator of the awesome #CRTO #RedTeamOps #AdversarySimulation course.
    We extend our heartfelt gratitude to #ZeroPointSecurity and Rasta for their unwavering support to the #AdversaryVillage community.

    For more information, please visit our webpage: adversaryvillage.org/adversary
    Learn more about Zero-Point Security training: training.zeropointsecurity.co.

    #PurpleTeam #BreachSimulation #BAS #AdversaryTactics #DEFCON31 #AdversaryEmulation #AdversaryMindset #AdversaryTradecraft #CTF #AdversaryWarsCTF #DEFCON

  20. We are thrilled to announce that #AdversaryWars #AdversaryVillageCTF at @defcon 31 has secured a Gold sponsorship from Zero-Point Security and RastaMouse, the creator of the awesome #CRTO #RedTeamOps #AdversarySimulation course.
    We extend our heartfelt gratitude to #ZeroPointSecurity and Rasta for their unwavering support to the #AdversaryVillage community.

    For more information, please visit our webpage: adversaryvillage.org/adversary
    Learn more about Zero-Point Security training: training.zeropointsecurity.co.

    #PurpleTeam #BreachSimulation #BAS #AdversaryTactics #DEFCON31 #AdversaryEmulation #AdversaryMindset #AdversaryTradecraft #CTF #AdversaryWarsCTF #DEFCON

  21. #hack100days Day 10. Back to #CRTO and the lab. More initial compromise and some host enumeration. #RedTeam #CobaltStrike

  22. #hack100days Day 10. Back to #CRTO and the lab. More initial compromise and some host enumeration. #RedTeam #CobaltStrike

  23. #hack100days Day 10. Back to #CRTO and the lab. More initial compromise and some host enumeration. #RedTeam #CobaltStrike

  24. #hack100days Day 10. Back to #CRTO and the lab. More initial compromise and some host enumeration. #RedTeam #CobaltStrike

  25. #hack100days Day 10. Back to #CRTO and the lab. More initial compromise and some host enumeration. #RedTeam #CobaltStrike

  26. #hack100days Day 8. More time on #CRTO, finally got into the lab and worked on the Initial Compromise section. Got acquainted with [[github.com/dafthack/MailSniper]]. (Reckon its utility is shrinking as OWA and Exchange install bases shrink.)

  27. #hack100days Day 8. More time on #CRTO, finally got into the lab and worked on the Initial Compromise section. Got acquainted with [[github.com/dafthack/MailSniper]]. (Reckon its utility is shrinking as OWA and Exchange install bases shrink.)

  28. #hack100days Day 8. More time on #CRTO, finally got into the lab and worked on the Initial Compromise section. Got acquainted with [[github.com/dafthack/MailSniper]]. (Reckon its utility is shrinking as OWA and Exchange install bases shrink.)

  29. #hack100days Day 8. More time on #CRTO, finally got into the lab and worked on the Initial Compromise section. Got acquainted with [[github.com/dafthack/MailSniper]]. (Reckon its utility is shrinking as OWA and Exchange install bases shrink.)

  30. #hack100days Day 8. More time on #CRTO, finally got into the lab and worked on the Initial Compromise section. Got acquainted with [[github.com/dafthack/MailSniper]]. (Reckon its utility is shrinking as OWA and Exchange install bases shrink.)

  31. Cleared my #CRTO Red Team Operator exam this week from Zero Point Security. Great course and exam experience!

  32. #hack100days Day 7. Spent more time on extending #CobaltStrike section of #CRTO. Grokking Aggressor Scripts are CS client extensions. Looked harder at Beacon Object Files, not sure if that's going to be important for the test, though. Found github.com/CCob/BOF.NET as a way to pull in some .Net, but it's not yet obvious to me how that works. Regardless. Must. Hit. The. Lab.

  33. #hack100days Day 7. Spent more time on extending #CobaltStrike section of #CRTO. Grokking Aggressor Scripts are CS client extensions. Looked harder at Beacon Object Files, not sure if that's going to be important for the test, though. Found github.com/CCob/BOF.NET as a way to pull in some .Net, but it's not yet obvious to me how that works. Regardless. Must. Hit. The. Lab.

  34. #hack100days Day 7. Spent more time on extending #CobaltStrike section of #CRTO. Grokking Aggressor Scripts are CS client extensions. Looked harder at Beacon Object Files, not sure if that's going to be important for the test, though. Found github.com/CCob/BOF.NET as a way to pull in some .Net, but it's not yet obvious to me how that works. Regardless. Must. Hit. The. Lab.

  35. #hack100days Day 7. Spent more time on extending #CobaltStrike section of #CRTO. Grokking Aggressor Scripts are CS client extensions. Looked harder at Beacon Object Files, not sure if that's going to be important for the test, though. Found github.com/CCob/BOF.NET as a way to pull in some .Net, but it's not yet obvious to me how that works. Regardless. Must. Hit. The. Lab.

  36. #hack100days Day 7. Spent more time on extending #CobaltStrike section of #CRTO. Grokking Aggressor Scripts are CS client extensions. Looked harder at Beacon Object Files, not sure if that's going to be important for the test, though. Found github.com/CCob/BOF.NET as a way to pull in some .Net, but it's not yet obvious to me how that works. Regardless. Must. Hit. The. Lab.

  37. #hack100days : day 78 : Worked on CRTO. Spent some time in the lab. Got some results I expected. Got some I didn't. Fleshed out notes. #GetSmart #CRTO #PrimumNonNocere

  38. #hack100days : day 78 : Worked on CRTO. Spent some time in the lab. Got some results I expected. Got some I didn't. Fleshed out notes. #GetSmart #CRTO #PrimumNonNocere

  39. #hack100days : day 78 : Worked on CRTO. Spent some time in the lab. Got some results I expected. Got some I didn't. Fleshed out notes. #GetSmart #CRTO #PrimumNonNocere

  40. #hack100days: day 74 : (D'oh. Yesterday was actually day 73.) Restarted the CRTO modules. Signed up for the lab. Working through the material and building out notes for the exam. #RedTeam #CRTO #GetSmart

  41. #hack100days: day 74 : (D'oh. Yesterday was actually day 73.) Restarted the CRTO modules. Signed up for the lab. Working through the material and building out notes for the exam. #RedTeam #CRTO #GetSmart

  42. #hack100days: day 74 : (D'oh. Yesterday was actually day 73.) Restarted the CRTO modules. Signed up for the lab. Working through the material and building out notes for the exam. #RedTeam #CRTO #GetSmart

  43. #hack100days: day 72 : (yesterday I watched soccer.) Finished up the CRTO modules. Time to sign up for the lab and go through it again. #RedTeam #CRTO #PrimumNonNocere

  44. #hack100days: day 72 : (yesterday I watched soccer.) Finished up the CRTO modules. Time to sign up for the lab and go through it again. #RedTeam #CRTO #PrimumNonNocere

  45. #hack100days: day 72 : (yesterday I watched soccer.) Finished up the CRTO modules. Time to sign up for the lab and go through it again. #RedTeam #CRTO #PrimumNonNocere

  46. #hack100days : day 72 : CRTO today. Eighty percent through first pass. Goal is to get through it over the weekend and start hitting the lab next week. #RedTeam #CRTO #PrimumNonNocere

  47. #hack100days : day 72 : CRTO today. Eighty percent through first pass. Goal is to get through it over the weekend and start hitting the lab next week. #RedTeam #CRTO #PrimumNonNocere