How to Proxy VM Traffic through Burp Suite 21 April 2023By Adam RoseRecently, I was troubleshooting some Cobalt Strike C2 infrastructure in a... 2023-4-21 22:22:47 | 阅读: 39 | 收藏 | FortyNorth Security Blog - fortynorthsecurity.com burp proxy windows machine download

Extending (and Detecting) PersistAssist: Act II 17 April 2023In the previous PersistAssist post, we looked at how to create a new persistence modu... 2023-4-17 21:44:46 | 阅读: 16 | 收藏 | FortyNorth Security Blog - fortynorthsecurity.com sysmon eventfilter powershell

Introducing AutoFunkt: Automated Cloud Redirector Generation 13 April 2023By Adam Rose-During recent research into C2 traffic redirection techniques, we found... 2023-4-13 23:15:52 | 阅读: 17 | 收藏 | FortyNorth Security Blog - fortynorthsecurity.com cloud autofunkt c2 python spits

Obfuscating C2 Traffic with Google Cloud Functions 04 April 2023IntroductionIn a previous article Maldoc Transfers in the Google Cloud, I wrote about... 2023-4-4 21:38:35 | 阅读: 22 | 收藏 | FortyNorth Security Blog - fortynorthsecurity.com cloud c2 teamserver cobalt c2get

A Hacker's Journey 27 March 2023IntroductionTwo years ago I decided I wanted to be a penetration tester. Judging by t... 2023-3-27 21:0:0 | 阅读: 27 | 收藏 | FortyNorth Security Blog - fortynorthsecurity.com security soft network python

Maldoc Transfers in the Google Cloud 02 March 2023On a recent red team engagement, we faced the challenge of serving a backdoored Excel... 2023-3-2 23:16:48 | 阅读: 19 | 收藏 | FortyNorth Security Blog - fortynorthsecurity.com cloud python reputation gcloud

Extending PersistAssist: Act I 24 January 2023In our previous blog post, we introduced PersistAssist and briefly covered how to e... 2023-1-24 23:7:53 | 阅读: 11 | 收藏 | FortyNorth Security Blog - fortynorthsecurity.com powershell payload tradecraft psprofile

Finding Empty Systems 10 November 2022We've been on penetration tests before and have found the need to find a system th... 2022-11-10 23:19:26 | 阅读: 15 | 收藏 | fortynorthsecurity.com remote edd joined interrupt

PersistAssist: Your Persistence Assistant! 05 September 2022Persistence is a vital aspect of a pentest or red team and ensures you don't lose... 2022-9-5 20:47:11 | 阅读: 18 | 收藏 | fortynorthsecurity.com tradecraft persist payload inheriting

net.exe vs C# - Adding Users and Changing Passwords 06 July 2022On a penetration test, we were performing for a customer, an odd scenario popped up, w... 2022-7-6 21:4:52 | 阅读: 13 | 收藏 | fortynorthsecurity.com odd knew passwordwe setpassword membership

Quickly Modify Shellcode Formats 14 March 2022tl;dr: Quickly and easily convert your raw binary output from Cobalt Strike (or any o... 2022-3-14 21:48:31 | 阅读: 28 | 收藏 | fortynorthsecurity.com cobalt shellcode github formatter

Removing PowerShell Comments, Whitespace, and Handles 01 March 2022tl;dr: Python script that automates removing comments and newlines from PowerShell sc... 2022-3-1 21:32:16 | 阅读: 20 | 收藏 | fortynorthsecurity.com powershell github commentsnew saves anytime

HTTPSC2DoneRight (and Working) 17 February 2022tldr; If you want an update and working copy of httpsc2doneright, grab it here - h... 2022-2-18 03:35:0 | 阅读: 20 | 收藏 | fortynorthsecurity.com cobalt keystore comms converts

Security & Web Development Internship Opportunities 07 January 2022FortyNorth Security is excited to add two interns to the team! We are looking for a... 2022-1-8 01:23:47 | 阅读: 22 | 收藏 | fortynorthsecurity.com security fortynorth intern assessments development

Customizing C2Concealer - Part 2 02 August 2021If you haven't read Part I, we recommend starting there. If you're ready for further... 2021-08-02 21:32:38 | 阅读: 50 | 收藏 | fortynorthsecurity.com beacon c2concealer randomizer

Customizing C2Concealer - Part 1 12 July 2021About a year ago, we publicly released our C2 malleable profile generator for Cobalt S... 2021-07-12 22:00:00 | 阅读: 94 | 收藏 | fortynorthsecurity.com beacon c2concealer python mozilla

Ordinal Values, Windows Functions, and C# 08 June 2021There's many different techniques that an offensive security professional could use to... 2021-06-08 21:44:20 | 阅读: 86 | 收藏 | fortynorthsecurity.com ordinal peview defining 045a

What the F#*% 18 May 2021tldr; Check out our repo which has multiple F# injection routines, evasion techniques,... 2021-05-18 23:38:43 | 阅读: 122 | 收藏 | fortynorthsecurity.com fsharp cobalt unmanaged c2 loader

Deploying a Hash Cracker in Azure 10 May 2021Before we begin, I know, yet another "guide to creating a hash cracker in [insert popul... 2021-05-10 23:42:41 | 阅读: 142 | 收藏 | fortynorthsecurity.com cracking cuda clusters htcondor fairly

Meet EDD - He Helps Enumerate Domain Data 26 April 2021PowerView is by and far the defacto domain enumeration tool. We still use it on asses... 2021-04-26 23:01:39 | 阅读: 122 | 收藏 | fortynorthsecurity.com edd getforest github powerview eddedd