Purple Teaming and Detection Engineering even though that as a concept exist in the information security industry for years lack of specific standardization, models and metrics. The absence of dedi…

Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker. - mlcsec/EDRenum-BOF

Information Security Services. Offensive Security, Penetration Testing, Mobile and Application, Purple Team, Red Team

Modern web browsers have the capability to store web application based credentials of users in an encrypted format. This functionality has been seen as a security improvement towards the password hygi...

Learn UDRL's role in runtime masking, including how to track Beacon with BUD and loading an External C2 DLL at the same time as Beacon and mask both DLLs at runtime with Sleepmask-VS.

Microsoft introduced Data Protection Application Programming Interface (DPAPI) in Windows environments as a method to encrypt and decrypt sensitive data such as credentials using the CryptProtectData ...

Even within organizations that have achieved a mature security posture, targeted NTLM relay attacks are still incredibly effective after…

BloodHound is an attack path management solution which can discover hidden relationships in Active Directory by performing data analysis to identify paths in the domain that will lead to lateral movem...