• Home
Subscribe

ATT&CK

ATT&CK

Ryan Smith / July 02, 2019

An overview of MITRE's ATT&CK framework.…

Read More

Tags: Red TeamingBlue Team
Linux File Hierarchy Standard

Linux File Hierarchy Standard

Ryan Smith / June 11, 2019

A look at the various directories and subdirectories found on Linux.…

Read More

Tags: Linux
Bypassing Anti-CSRF with Burp Suite Session Handling

Bypassing Anti-CSRF with Burp Suite Session Handling

Ryan Villarreal / May 25, 2019

Using Burp Suite to bypass anti-CSRF protections with the built-in Session Handling and Macro recorder.…

Read More

Tags: burpsuiteweb appWeb TokenBypassCybersecurityDVWAKali ToolsOWASPPentestCSRFAnti-CSRF
Adding Burp Suite CA Certificate to Kali Linux Certificate Store

Adding Burp Suite CA Certificate to Kali Linux Certificate Store

Ryan Villarreal / May 25, 2019

Quick blog post to offer instructions on how to add a Burp Suite CA certificate to the Kali Linux CA Store.…

Read More

Tags: burpsuiteKali LinuxCACertificatesCommand Line
eLearnSecurity's Web Application Penetration Tester Review

eLearnSecurity's Web Application Penetration Tester Review

Ryan Smith / May 16, 2019

My thoughts on eLearnSecurity's Web App Penetration Testing course.…

Read More

Tags: web appRevieweLearnSecurityburpsuitepenetration testPentestTrainingeWPT
Cobalt Strike!

Cobalt Strike!

Ryan Smith / May 09, 2019

A beginner's guide to the tool used for adversary simulations and Red Team operations: Cobalt Strike.…

Read More

Tags: Red Teamingpenetration testC2Command and ControlKali ToolsPost ExploitationReportingCobalt Strike
Bestest Red Team

Bestest Red Team

Ryan Smith / March 28, 2019

A look at how to create and execute a successful Red Team operation.…

Read More

Tags: Red Teaming
Going Phishing with Terraform

Going Phishing with Terraform

Ryan Villarreal / March 21, 2019

Terraform is a tool for building, changing, and versioning cloud or local infrastructure safely and efficiently. Using Terraform Red Teams can quickly spin up offensive resources.…

Read More

Tags: CloudAWSTerraformRed-BaronTerraformFunGoogle CloudGoPhishAutomateRedteamingPhishing
Newer Posts Page 2 of 8 Older Posts

About

Two cybersecurity professionals trying to get better at all things security.

Banner Ad

Latest Posts

  • Container Escaper
    September 17, 2019
  • Stepping Into Debugging with GDB!
    September 14, 2019
  • Information Gathering With Cobalt Strike
    August 16, 2019

Authors

  • Bestest RedTeam
  • Ryan Smith
  • Ryan Villarreal

Tags

802.11802.1xActive DirectoryAnti-CSRFAssemblyAutomateAutomationAWSBetaBettercapBGPBitcoinBloodhoundBlue TeamburpsuiteBypassbyt3bl33d3rC ProgrammingC2CACapture The FlagCertificatesCloudClusterCMECobalt StrikeCodingCommand and ControlCommand LineContainerCORSCrackMapExecCSRFCTFCybersecurityDebugDebuggerDetectionDockerDomain AdminDomain ControllerDVWAeLearnSecurityelkelkstackEnumerationeWPTExecutionPolicyFreeRADIUSGDBghostGNUGNU RadioGoogle CloudGoPhishGraph TheoryHackingHackRFHashcatHijackingHTTPHTTP/2ImpacketInformation GatheringInternal NetworkInternet of ThingsJavaScriptJuiceShopJWTKali LinuxKali ToolsKerberosLateral MovementLinuxMerlinMicrosoftMicrosoft OfficeMiningNe0nd0gNeo4jNetworkingNULL SessionOffensive SecurityOffSecopen redirectOSCEOSWPOWASPpassword crackingpenetration testPentestPhishingPHPPineapplePixel TrackingPortainerPost ExploitationPowershellProtocolsPythonRadio FrequencyReconRed TeamingRed-BaronRedteamingReportingReviewRFRFCRTL-SDRS3SambaScansScapyScriptingService Principal NameServicesShodanSMBSMBClientSocial EngineeringSoftware Defined RadioSPNSwarmsysadminTerraformTerraformFunTrainingUUIDVulnerability Scanningwardrivingweb appWeb ApplicationWeb TokenWebAppWifiWiFuWiglewindowswirelessWPAXSS
Twitter GitHub
Opinions expressed are solely our own and do not express the views or opinions of our employers.