Getting PowerShell Empire Past Windows Defender

Carrie Roberts //* (Updated 2/12/2020) ADVISORY: The techniques and tools referenced within this blog post may be outdated and do not apply to current situations. However, there is still potential […]

The post Getting PowerShell Empire Past Windows Defender appeared first on Black Hills Information Security, Inc..


SSHazam: Hide Your C2 Inside of SSH

Carrie Roberts //* SSHazam is a method of running any C2 tool of your choice inside a standard SSH tunnel to avoid network detections. The examples here involve running PowerShell […]

The post SSHazam: Hide Your C2 Inside of SSH appeared first on Black Hills Information Security, Inc..


Empire Resource Files and Auto Runs

Carrie Roberts* // I have added resource file and autorun functionality to PowerShell Empire. Empire now has the ability to run multiple commands at once by specifying the commands in […]

The post Empire Resource Files and Auto Runs appeared first on Black Hills Information Security, Inc..


Let’s Go Hunting! How to Hunt Command & Control Channels Using Bro IDS and RITA

Logan Lembke // Here at BHIS, we ♥ Bro IDS. Imagine… Bro IDS Everywhere! If you haven’t encountered Bro IDS before, check out this webcast on John’s YouTube channel discussing the need for Bro […]

The post Let’s Go Hunting! How to Hunt Command & Control Channels Using Bro IDS and RITA appeared first on Black Hills Information Security, Inc..


Empire Bootstrapping v2 – How to Pre-Automate All the Things!

Kent Ickler // A robot wearing boots… with straps…. Have you been tasked with automation in the Command and Control (C2) world? If so, your goal is to shorten the […]

The post Empire Bootstrapping v2 – How to Pre-Automate All the Things! appeared first on Black Hills Information Security, Inc..


Using PowerShell Empire with a Trusted Certificate

Carrie Roberts* // Using a trusted certificate and non-default Empire options will help increase your chances of getting a successful session out of a network. Follow these instructions to get […]

The post Using PowerShell Empire with a Trusted Certificate appeared first on Black Hills Information Security, Inc..
