red


Sniffing Firefox traffic with bpftrace
What's in the bpfcc-tools box?
Offensive BPF: Using bpftrace to host backdoors
Offensive BPF: Malicious bpftrace 🤯
Offensive BPF! Getting started.
Backdoor users on Linux with uid=0
Using Microsoft Counterfit to create adversarial examples for Husky AI
Using procdump on Linux to dump credentials
Automating Microsoft Office to Achieve Red Teaming Objectives
Airtag hacks - scanning via browser, removing speaker and data exfiltration
Somewhere today a company is breached
Google's FLoC - Privacy Red Teaming Opportunities
Spoofing credential dialogs on macOS, Linux and Windows
Hong Kong InfoSec Summit 2021 Talk - The adversary will come to your house!
An alternative perspective on the death of manual red teaming
Survivorship Bias and Red Teaming
Actively protecting pen testers and pen testing assets
Machine Learning Attack Series: Overview
Machine Learning Attack Series: Generative Adversarial Networks (GANs)
Assuming Bias and Responsible AI
Abusing Application Layer Gateways (NAT Slipstreaming)
Machine Learning Attack Series: Repudiation Threat and Auditing
Video: Building and breaking a machine learning system
Machine Learning Attack Series: Image Scaling Attacks
Leveraging the Blue Team's Endpoint Agent as C2
Machine Learning Attack Series: Adversarial Robustness Toolbox Basics
Hacking neural networks - so we don't get stuck in the matrix
What does an offensive security team actually do?
CVE 2020-16977: VS Code Python Extension Remote Code Execution
Machine Learning Attack Series: Stealing a model file
Coming up: Grayhat Red Team Village talk about hacking a machine learning system
Beware of the Shadowbunny - Using virtual machines to persist and evade detections
Participating in the Microsoft Machine Learning Security Evasion Competition - Bypassing malware models by signing binaries
Machine Learning Attack Series: Backdooring models
Machine Learning Attack Series: Perturbations to misclassify existing images
Machine Learning Attack Series: Smart brute forcing
Machine Learning Attack Series: Brute forcing images to find incorrect predictions
Getting the hang of machine learning
Beware of the Shadowbunny! at BSides Singapore
Red Teaming Telemetry Systems
Illusion of Control: Capability Maturity Models and Red Teaming
Motivated Intruder - Red Teaming for Privacy!
Firefox - Debugger Client for Cookie Access
Remotely debugging Firefox instances
Performing port-proxying and port-forwarding on Windows
Using built-in OS indexing features for credential hunting
Shadowbunny article published in the PenTest Magazine
Red Teaming and Monte Carlo Simulations
Phishing metrics - what to track?
$3000 Bug Bounty Award from Mozilla for a successful targeted Credential Hunt
Cookie Crimes and the new Microsoft Edge Browser
Post-Exploitation: Abusing Chrome's debugging feature to observe and control browsing sessions remotely
Hunting for credentials and building a credential type reference catalog
Attack Graphs - How to create and present them
Cybersecurity Attacks - Red Team Strategies has been released.
Book: Cybersecurity Attacks - Red Team Strategies
MITRE ATT&CK Update for Cloud and cookies!
Cybersecurity - Homefield Advantage
BashSpray - Simple Password Spray Bash Script
Active Directory and MacOS
KoiPhish - The Beautiful Phishing Proxy
McPivot and useful LLDB commands
Pass the Cookie and Pivot to the Clouds