Jeff Dimmock

Designing Effective Covert Red Team Attack Infrastructure

F’Awk Yeah! Advanced sed and awk Usage (Parsing for Pentesters 3)

Randomized Malleable C2 Profiles Made Easy

Malleable Command and Control (C2) profiles provide red teamers and penetration testers with a wealth of options to modify how Cobalt Strike both appears on the wire and on the compromised host. Malleable C2 can be used to impersonate actual threat actors…

Attack Infrastructure Log Aggregation and Monitoring

Serving Random Payloads with Apache mod_rewrite

As testers, we sometimes need some good, old-fashioned trial and error to get things working. Phishing is one of the attacks that commonly takes more than one attempt to get payloads and command and control (C2) working properly. This post covers…

How To Pass the Ticket Through SSH Tunnels

The Pass the Ticket (PtT) attack method uses a Kerberos ticket in place of a plaintext password or NTLM hash. Probably the most common uses of PtT are using Golden and Silver Tickets. Gaining access to a host via PtT is fairly straightforward; however…

Red Teaming for Pacific Rim CCDC 2017

A few weeks, ago I had the pleasure of participating on the Red Team for Pacific Rim CCDC…

Slack Bots for Trolls and Work

In the (belated) spirit of April Fool’s Day, I wanted to slightly diverge from a strictly infosec topic…

How to Make Communication Profiles for Empire

In a recent post, I detailed how to make a Malleable C2 profile for Cobalt…