Red Team Labs
Staying Off the Land: A Threat Actor Methodology
With offense-focused methodologies being created around “living off the land” and “bring your own land,” we would like to cover a somewhat overlooked concept: “staying off the land.” This simple conce[…]
Your Jenkins Belongs to Us Now: Abusing Continuous Integration Systems
"Continuous integration (CI) is the process of automating the build and testing of code every time a team member commits a change." — Sam Guckenheimer, Microsoft Azure Introduction Jenkins is the lead[…]
Hidden Administrative Accounts: BloodHound to the Rescue
Defending an organization from today’s sophisticated attacks is no easy task. It often requires security teams to be ready at a moment’s notice to respond to an incident, in addition to managing the d[…]