Network Protocol Analysis - Wireshark and tcpdump

Explore network protocol analysis using Wireshark & tcpdump for packet capture, filtering, dissection, and real-world pen testing scenarios.

June 9, 2023 · 9 min · UncleSp1d3r

BloodHound: Analyzing Active Directory for Security Risks and Attack Paths

BloodHound is a powerful tool for analyzing Active Directory environments, helping red teamers and pen testers visualize complex relationships, identify security risks and attack paths, and develop effective mitigation strategies to strengthen an organization’s security posture.

April 29, 2023 · 8 min · UncleSp1d3r

Mythic: An Introduction to the Open Source Post-Exploitation Framework

Mythic is a powerful, open-source post-exploitation framework that offers red teamers and pen testers an extensible and customizable platform with numerous modules, agents, and C2 profiles to enhance their engagements and achieve objectives in various target environments.

April 22, 2023 · 8 min · UncleSp1d3r

SharpSocks: A .NET-Based Proxy for Red Teaming and Network Penetration Testing

SharpSocks is a powerful .NET-based proxy tool for red teaming and network penetration testing that enables encrypted communications, protocol obfuscation, and access to internal resources, providing professional hackers with stealth and persistence in their engagements.

April 15, 2023 · 5 min · UncleSp1d3r

Dynamic Techniques for Advanced Malware Analysis

This article discusses advanced malware analysis techniques focusing on dynamic analysis and provides real-world examples and code samples for techniques such as memory analysis, network monitoring, and debugging.

April 11, 2023 · 8 min · UncleSp1d3r

Effective Techniques for Physical Security Testing

This article explores techniques and best practices for physical security testing, including social engineering, physical bypass, lock picking, surveillance, and physical access control, and provides real-world examples and resources for red teams and pen testers.

April 10, 2023 · 15 min · UncleSp1d3r

Covenant: Mastering Red Teaming Tactics

This article provides a comprehensive guide to using Covenant, a powerful command and control framework for red teaming and post-exploitation operations, covering its architecture, installation, setup, usage, real-world examples, and custom task development for a technical audience.

April 8, 2023 · 7 min · UncleSp1d3r

IoT Device Hacking: Techniques and Practical Examples

This article provides a comprehensive overview of hacking techniques and real-world examples for exploiting vulnerabilities in IoT devices, including code samples and tool recommendations, intended for a technical audience of red teams and pen testers.

April 7, 2023 · 13 min · UncleSp1d3r

Nishang: PowerShell Scripts for Penetration Testing and Red Teaming

This article explores Nishang, a collection of PowerShell scripts designed for penetration testing and red teaming, covering its various modules, usage examples, and real-world applications, ultimately demonstrating the tool’s value and versatility for cybersecurity professionals.

April 1, 2023 · 7 min · UncleSp1d3r

Empire: A Comprehensive Red Teaming Framework Built on PowerShell

Empire is a comprehensive PowerShell-based red teaming framework that offers a wide array of modules and capabilities for exploiting and controlling compromised systems, enabling pen testers and red teamers to level up their skills and identify security vulnerabilities effectively.

March 25, 2023 · 7 min · UncleSp1d3r