Embrace The Red

2023

• Sep 29 Microsoft Fixes Data Exfiltration Vulnerability in Azure AI Playground
• Sep 28 Advanced Data Exfiltration Techniques with ChatGPT
• Sep 18 HITCON CMT 2023 - LLM Security Presentation and Trip Report
• Sep 16 LLM Apps: Don't Get Stuck in an Infinite Loop! 💵💰
• Aug 28 Video: Data Exfiltration Vulnerabilities in LLM apps (Bing Chat, ChatGPT, Claude)
• Aug 01 Anthropic Claude Data Exfiltration Vulnerability Fixed
• Jul 24 ChatGPT Custom Instructions: Persistent Data Exfiltration Demo
• Jul 14 Image to Prompt Injection with Google Bard
• Jul 12 Google Docs AI Features: Vulnerabilities and Risks
• Jul 06 OpenAI Removes the "Chat with Code" Plugin From Store
• Jun 20 Plugin Vulnerabilities: Visit a Website and Have Your Source Code Stolen
• Jun 18 Bing Chat: Data Exfiltration Exploit Explained
• Jun 11 Exploit ChatGPT and Enter the Matrix to Learn about AI Security
• May 28 ChatGPT Plugin Exploit Explained: From Prompt Injection to Accessing Private Data
• May 16 ChatGPT Plugins: Data Exfiltration via Images & Cross Plugin Request Forgery
• May 14 Indirect Prompt Injection via YouTube Transcripts
• May 11 Adversarial Prompting: Tutorial and Lab
• May 10 Video: Prompt Injections - An Introduction
• Apr 27 MLSecOps Podcast: AI Red Teaming and Threat Modeling Machine Learning Systems
• Apr 15 Don't blindly trust LLM responses. Threats to chatbots.
• Mar 29 AI Injections: Direct and Indirect Prompt Injections and Their Implications
• Mar 26 Bing Chat claims to have robbed a bank and it left no trace
• Mar 05 Yolo: Natural Language to Shell Commands with ChatGPT API
• Jan 25 Video Tutorial: Hijacking SSH Agent
• Jan 04 Decrypting TLS browser traffic with Wireshark

2022

• Dec 02 ChatGPT: Imagine you are a database server
• Nov 21 Device Code Phishing Attacks
• Nov 20 Ropci deep-dive for Azure hackers
• Oct 20 PenTest Magazine Open Source Toolkit: ropci
• Oct 20 ROPC - So, you think you have MFA?
• Oct 16 TTP Diaries: SSH Agent Hijacking
• Sep 18 gospray - Simple LDAP bind-based password spray tool
• Sep 09 Malicious Python Packages and Code Execution via pip download
• Aug 28 Machine Learning Attack Series: Backdooring Pickle Files
• Jul 10 Offensive BPF: Using bpftrace to sniff PAM logon passwords
• Jun 26 Post Exploitation: Sniffing Logon Passwords with PAM
• May 28 Customized Hacker Shell Prompts
• Apr 11 GPT-3 and Phishing Attacks
• Apr 03 Grabbing and cracking macOS hashes
• Mar 18 Flipper Zero - Initial Thoughts
• Mar 12 AWS Scaled Command Bash Script - Run AWS commands for many profiles
• Feb 28 Gitlab Reconnaissance Introduction
• Jan 04 Log4Shell and Request Forgery Attacks

2021

• Nov 08 Video: Anatomy of a compromise
• Oct 20 Offensive BPF: Understanding and using bpf_probe_write_user
• Oct 14 Offensive BPF: Sniffing Firefox traffic with bpftrace
• Oct 12 Video: Understanding Image Scaling Attacks
• Oct 10 Video: What is Tabnabbing?
• Oct 09 Offensive BPF: What's in the bpfcc-tools box?
• Oct 07 Offensive BPF: Detection Ideas
• Oct 06 Offensive BPF: Using bpftrace to host backdoors
• Oct 05 Offensive BPF: Malicious bpftrace 🤯
• Sep 30 Offensive BPF! Getting started.
• Sep 06 Video: Web Application Security Fundamentals
• Aug 30 Backdoor users on Linux with uid=0
• Aug 16 Using Microsoft Counterfit to create adversarial examples for Husky AI
• Aug 09 Using procdump on Linux to dump credentials
• Jul 28 The Silver Searcher - search through code and files quickly
• Jul 05 Automating Microsoft Office to Achieve Red Teaming Objectives
• Jun 28 Airtag hacks - scanning via browser, removing speaker and data exfiltration
• Jun 09 Somewhere today a company is breached
• May 01 Google's FLoC - Privacy Red Teaming Opportunities
• Apr 18 Spoofing credential dialogs on macOS, Linux and Windows
• Mar 19 Broken NFT standards
• Mar 03 Hong Kong InfoSec Summit 2021 Talk - The adversary will come to your house!
• Feb 08 An alternative perspective on the death of manual red teaming
• Feb 04 Cybersecurity Attacks - Red Team Strategies Kindle Edition for free
• Feb 02 Team A and Team B: Sunburst, Teardrop and Raindrop
• Jan 22 Survivorship Bias and Red Teaming
• Jan 11 Gamifying Security with Red Team Scores

2020

• Dec 08 Actively protecting pen testers and pen testing assets
• Nov 26 Machine Learning Attack Series: Overview
• Nov 25 Machine Learning Attack Series: Generative Adversarial Networks (GANs)
• Nov 24 Assuming Bias and Responsible AI
• Nov 23 Abusing Application Layer Gateways (NAT Slipstreaming)
• Nov 10 Machine Learning Attack Series: Repudiation Threat and Auditing
• Nov 05 Video: Building and breaking a machine learning system
• Oct 28 Machine Learning Attack Series: Image Scaling Attacks
• Oct 26 Leveraging the Blue Team's Endpoint Agent as C2
• Oct 22 Machine Learning Attack Series: Adversarial Robustness Toolbox Basics
• Oct 20 Hacking neural networks - so we don't get stuck in the matrix
• Oct 19 What does an offensive security team actually do?
• Oct 14 CVE 2020-16977: VS Code Python Extension Remote Code Execution
• Oct 10 Machine Learning Attack Series: Stealing a model file
• Oct 09 Coming up: Grayhat Red Team Village talk about hacking a machine learning system
• Sep 23 Beware of the Shadowbunny - Using virtual machines to persist and evade detections
• Sep 22 Participating in the Microsoft Machine Learning Security Evasion Competition - Bypassing malware models by signing binaries
• Sep 18 Machine Learning Attack Series: Backdooring models
• Sep 16 Machine Learning Attack Series: Perturbations to misclassify existing images
• Sep 13 Machine Learning Attack Series: Smart brute forcing
• Sep 09 Machine Learning Attack Series: Brute forcing images to find incorrect predictions
• Sep 06 Threat modeling a machine learning system
• Sep 05 MLOps - Operationalizing the machine learning model
• Sep 04 Husky AI: Building a machine learning system
• Sep 02 The machine learning pipeline and attacks
• Sep 01 Getting the hang of machine learning
• Aug 28 Beware of the Shadowbunny! at BSides Singapore
• Aug 24 Race conditions when applying ACLs
• Aug 12 Red Teaming Telemetry Systems
• Jul 31 Illusion of Control: Capability Maturity Models and Red Teaming
• Jul 24 Motivated Intruder - Red Teaming for Privacy!
• Jul 21 Firefox - Debugger Client for Cookie Access
• Jul 15 Remotely debugging Firefox instances
• Jul 14 Performing port-proxying and port-forwarding on Windows
• Jul 01 Blast from the past: Cross Site Scripting on the AWS Console
• Jun 30 Feedspot ranked 'Embrace the Red' one of the top 15 pentest blogs
• Jun 22 Using built-in OS indexing features for credential hunting
• Jun 18 Shadowbunny article published in the PenTest Magazine
• Jun 12 Putting system owners in Security Bug Jail
• Jun 10 Red Teaming and Monte Carlo Simulations
• May 24 Phishing metrics - what to track?
• May 13 $3000 Bug Bounty Award from Mozilla for a successful targeted Credential Hunt
• May 01 Cookie Crimes and the new Microsoft Edge Browser
• Apr 28 Post-Exploitation: Abusing Chrome's debugging feature to observe and control browsing sessions remotely
• Apr 26 Hunting for credentials and building a credential type reference catalog
• Apr 06 Attack Graphs - How to create and present them
• Apr 02 Cybersecurity Attacks - Red Team Strategies has been released.
• Feb 15 2600 - The Hacker Quarterly - Pass the Cookie Article
• Feb 12 Web Application Security Principles Revisited
• Feb 06 Zero Trust and Disabling Remote Management Endpoints

2019

• Dec 02 Book: Cybersecurity Attacks - Red Team Strategies
• Oct 27 MITRE ATT&CK Update for Cloud and cookies!
• Sep 01 Coinbase under attack and cookie theft
• Aug 24 Cybersecurity - Homefield Advantage
• Aug 24 Now using Hugo for the blog
• Jul 03 BashSpray - Simple Password Spray Bash Script
• Jun 20 Active Directory and MacOS
• Jun 04 Google Leaks Your Alternate Email Addresses to Unauthenticated Users
• May 21 Lyrebird - Hack the hacker (and take a picture)
• Jan 10 KoiPhish - The Beautiful Phishing Proxy
• Jan 05 McPivot and useful LLDB commands

2018

• Dec 16 Pass the Cookie and Pivot to the Clouds