#hack100days — Public Fediverse posts

#hack100days Day 14. Slacked a bit over the weekend. Read up on Powershell, its relationship w/C#/.Net. Found some references to using C# to run powershell. Looked at msbuild.exe. I had a tab open talking about 'psattack', but the links to the GitHub page resulted in a 404. It looks like one could write a wrapper in C# that can call PowerShell w/out going through powershell.exe. Seems interesting. (Doing this because I didn't have enough time to bang around in CRTO lab.) #RedTeam #LOLBAS #PowerShell

#hack100days Day 10. Back to #CRTO and the lab. More initial compromise and some host enumeration. #RedTeam #CobaltStrike

#hack100days Day 10. Back to #CRTO and the lab. More initial compromise and some host enumeration. #RedTeam #CobaltStrike

#hack100days Day 10. Back to #CRTO and the lab. More initial compromise and some host enumeration. #RedTeam #CobaltStrike

#hack100days Day 10. Back to #CRTO and the lab. More initial compromise and some host enumeration. #RedTeam #CobaltStrike

#hack100days Day 10. Back to #CRTO and the lab. More initial compromise and some host enumeration. #RedTeam #CobaltStrike

#hack100days Day 8. More time on #CRTO, finally got into the lab and worked on the Initial Compromise section. Got acquainted with [[https://github.com/dafthack/MailSniper|Mailsniper]]. (Reckon its utility is shrinking as OWA and Exchange install bases shrink.)

#hack100days Day 8. More time on #CRTO, finally got into the lab and worked on the Initial Compromise section. Got acquainted with [[https://github.com/dafthack/MailSniper|Mailsniper]]. (Reckon its utility is shrinking as OWA and Exchange install bases shrink.)

#hack100days Day 8. More time on #CRTO, finally got into the lab and worked on the Initial Compromise section. Got acquainted with [[https://github.com/dafthack/MailSniper|Mailsniper]]. (Reckon its utility is shrinking as OWA and Exchange install bases shrink.)

#hack100days Day 8. More time on #CRTO, finally got into the lab and worked on the Initial Compromise section. Got acquainted with [[https://github.com/dafthack/MailSniper|Mailsniper]]. (Reckon its utility is shrinking as OWA and Exchange install bases shrink.)

#hack100days Day 8. More time on #CRTO, finally got into the lab and worked on the Initial Compromise section. Got acquainted with [[https://github.com/dafthack/MailSniper|Mailsniper]]. (Reckon its utility is shrinking as OWA and Exchange install bases shrink.)

#hack100days Day 7. Spent more time on extending #CobaltStrike section of #CRTO. Grokking Aggressor Scripts are CS client extensions. Looked harder at Beacon Object Files, not sure if that's going to be important for the test, though. Found https://github.com/CCob/BOF.NET as a way to pull in some .Net, but it's not yet obvious to me how that works. Regardless. Must. Hit. The. Lab.

#hack100days Day 7. Spent more time on extending #CobaltStrike section of #CRTO. Grokking Aggressor Scripts are CS client extensions. Looked harder at Beacon Object Files, not sure if that's going to be important for the test, though. Found https://github.com/CCob/BOF.NET as a way to pull in some .Net, but it's not yet obvious to me how that works. Regardless. Must. Hit. The. Lab.

#hack100days Day 7. Spent more time on extending #CobaltStrike section of #CRTO. Grokking Aggressor Scripts are CS client extensions. Looked harder at Beacon Object Files, not sure if that's going to be important for the test, though. Found https://github.com/CCob/BOF.NET as a way to pull in some .Net, but it's not yet obvious to me how that works. Regardless. Must. Hit. The. Lab.

#hack100days Day 7. Spent more time on extending #CobaltStrike section of #CRTO. Grokking Aggressor Scripts are CS client extensions. Looked harder at Beacon Object Files, not sure if that's going to be important for the test, though. Found https://github.com/CCob/BOF.NET as a way to pull in some .Net, but it's not yet obvious to me how that works. Regardless. Must. Hit. The. Lab.

#hack100days Day 7. Spent more time on extending #CobaltStrike section of #CRTO. Grokking Aggressor Scripts are CS client extensions. Looked harder at Beacon Object Files, not sure if that's going to be important for the test, though. Found https://github.com/CCob/BOF.NET as a way to pull in some .Net, but it's not yet obvious to me how that works. Regardless. Must. Hit. The. Lab.

#hack100days : day 79 : More CRTO. Read a bit about C2 profiles for v4 of CS: https://infosecwriteups.com/red-team-cobalt-strike-4-0-malleable-c2-profile-guideline-eb3eeb219a7c No time in the lab, which is lame. #GetSmart #CRTO #PimumNonNocere

#hack100days : day 79 : More CRTO. Read a bit about C2 profiles for v4 of CS: https://infosecwriteups.com/red-team-cobalt-strike-4-0-malleable-c2-profile-guideline-eb3eeb219a7c No time in the lab, which is lame. #GetSmart #CRTO #PimumNonNocere

#hack100days : day 79 : More CRTO. Read a bit about C2 profiles for v4 of CS: https://infosecwriteups.com/red-team-cobalt-strike-4-0-malleable-c2-profile-guideline-eb3eeb219a7c No time in the lab, which is lame. #GetSmart #CRTO #PimumNonNocere

#hack100days : day 78 : Worked on CRTO. Spent some time in the lab. Got some results I expected. Got some I didn't. Fleshed out notes. #GetSmart #CRTO #PrimumNonNocere

#hack100days : day 78 : Worked on CRTO. Spent some time in the lab. Got some results I expected. Got some I didn't. Fleshed out notes. #GetSmart #CRTO #PrimumNonNocere

#hack100days : day 78 : Worked on CRTO. Spent some time in the lab. Got some results I expected. Got some I didn't. Fleshed out notes. #GetSmart #CRTO #PrimumNonNocere

#hack100days: day 74 : (D'oh. Yesterday was actually day 73.) Restarted the CRTO modules. Signed up for the lab. Working through the material and building out notes for the exam. #RedTeam #CRTO #GetSmart

#hack100days: day 74 : (D'oh. Yesterday was actually day 73.) Restarted the CRTO modules. Signed up for the lab. Working through the material and building out notes for the exam. #RedTeam #CRTO #GetSmart

#hack100days: day 74 : (D'oh. Yesterday was actually day 73.) Restarted the CRTO modules. Signed up for the lab. Working through the material and building out notes for the exam. #RedTeam #CRTO #GetSmart

#hack100days: day 72 : (yesterday I watched soccer.) Finished up the CRTO modules. Time to sign up for the lab and go through it again. #RedTeam #CRTO #PrimumNonNocere

#hack100days: day 72 : (yesterday I watched soccer.) Finished up the CRTO modules. Time to sign up for the lab and go through it again. #RedTeam #CRTO #PrimumNonNocere

#hack100days: day 72 : (yesterday I watched soccer.) Finished up the CRTO modules. Time to sign up for the lab and go through it again. #RedTeam #CRTO #PrimumNonNocere

#hack100days : day 72 : CRTO today. Eighty percent through first pass. Goal is to get through it over the weekend and start hitting the lab next week. #RedTeam #CRTO #PrimumNonNocere

#hack100days : day 72 : CRTO today. Eighty percent through first pass. Goal is to get through it over the weekend and start hitting the lab next week. #RedTeam #CRTO #PrimumNonNocere

#hack100days : day 72 : CRTO today. Eighty percent through first pass. Goal is to get through it over the weekend and start hitting the lab next week. #RedTeam #CRTO #PrimumNonNocere

#hack100days : day 70 : Today was a day of json and powershell. Took a different approach than I usually do. Started with laying out a json schema for all the data elements I want. Then backed into into functions and code. I've coded in ksh and bash for so long, I'm more used to doing the functions first. This is more interesting, because now I hunt for LOLBAS to get the data. #redteam #LolBas

#hack100days : day 41 : Tinkered around with Docker some more. Experimenting with building an image w/enumeration tools. Getting rust onto the system for feroxbuster has me a bit stymied. #infosec #enumeration

#hack100days : day 6b : Finished reading Responsible Red Teaming. Noodled on threat models post-Initial Access via Rubber Ducky. #infosec #att&ck #RRT