Encrypted Data Exfiltration with DNS
Hi folks! Long time no see 😀 In this post we will write our exfiltration tool with python and DNS. We will use; First at first, we have to understand some of the DNS basics. What is DNS? Why we
Hi folks! Long time no see 😀 In this post we will write our exfiltration tool with python and DNS. We will use; First at first, we have to understand some of the DNS basics. What is DNS? Why we
Hi everyone, in this blog post we will cover SSRF, RCE and Deserialization vulnerabilities with a scenario. Despite of the knowing these vulnerabilities not enough for some red teaming / adversarial emulation operations. We should think how we can use
AV Evasion P3 – Behavioral/Heuristic Engine We discussed Static and Dynamic Engines. In this post I will try to explain heuristic engine bypassing. I don’t like to give direct techniques, like “you must use X codes or Y techniques”. The
Malware Development – AV Evasion P2 Hi everyone in this post we will talk about bypassing AV Engines which we talked about on YouTube videos. Firstly, let’s remember the static and dynamic engines. What do these mean? Static Engine: The
Hi everyone, welcome back. I couldn’t write any blogs due to some extra projects and my OSEP Journey. In this post series, we will talk about evasion techniques and bypassing security solutions. But, firstly we must start with understanding these
Hi everyone. In this article, ı want to explain what is pivoting and telling some keywords about it. Firstly, we should know post exploitation phase or something like this 🙂 What is Post-Exploitation? We could exploit an RCE vulnerability and
Book Name: Red Team – Development And Operations Author: Joe VEST & James TUBBERVILLE Docs: https://redteam.guide/docs/ Topic: Red Teaming Level: Advanced Hi all!.. I’m here with a new book review. I’m interested in security topics like offensive security, red teaming,
Book Name: Advanced Penetration Testing Author: WIL ALLSOPP, HANS VAN DE LOOY (Foreword) Publisher: Wiley Topic: Penetration Testing, Red Teaming Level: Advanced Hi everyone. I’m here with a new book review. I read this book a few months ago but
Hi everyone, I’m back. In this post, I want to introduce some c2 frameworks and I will explain how to use tor services for our c2 server. Let’s start with frameworks!.. C2 Frameworks which I want to introduce: Covenant Cobalt
I want to show you the data exfiltration technique with base64 and cellphone cam, also you can use it with OCR. But OCR doesn’t convert image to text %100, you must fix encoded file. Imagine that, you found a file