VirtualSamurai

@VirtualSamuraii

Followers
295
Following
392
Media
14
Statuses
47

Hello friend

Joined January 2021
@VirtualSamuraii
VirtualSamurai
2 years
Hi 👋 I wrote an article that is a lessons-learned write-up of a real attack on a WPA2-Enterprise Wi-Fi network. Feel free to give me your opinion 😉 https://t.co/rPOqSWygxY #redteam #wifi
7
24
112
@VirtualSamuraii
VirtualSamurai
2 months
The Legacy lab is available now on @cyb3rw4v3 !
@cyb3rw4v3
CyberWave
2 months
You're starting a #redteam engagement tomorrow...Where would you train without spending tons of money ? We are releasing a new redteam lab with : - On-prem #ActiveDirectory - 5 vulnerable machines - Antivirus & Firewall Available on November 8th here : https://t.co/oM9Jd2aRCU
0
0
0
@VirtualSamuraii
VirtualSamurai
2 months
And the winners are : - @L0rd5ud0 - @trevorsaudi - @f0rk3b0mb Congrats ! I will reach out via private message ;)
1
0
3
@VirtualSamuraii
VirtualSamurai
2 months
NEW RED TEAM LAB 🏴‍☠️ You're starting a red team engagement tomorrow... - How would you manage to evade defense solutions (AV/EDR) ? - Where would you train without spending tons of money ? If you don't have the answers to these questions, don't worry, I got you covered. I'm
4
6
13
@VirtualSamuraii
VirtualSamurai
5 months
Is smishing more dangerous than phishing? It takes a few minutes to register on a SMS service, change the SenderID and pretend to be a known contact to a victim. Here, I'm pretending to be OVHcloud and I've sent a SMS to myself. The iOS Message application even displays the
0
0
3
@VirtualSamuraii
VirtualSamurai
6 months
During a Red Team engagement, one must be aware of every action, even when it comes to Wi-Fi testing. Sometimes, we have to send "deauthentication" packets to authenticated devices using tools like Aireplay-ng, in an attempt to capture a handshake and access the targeted network
0
1
7
@cyb3rw4v3
CyberWave
9 months
🛜 Hackers sometimes gain access to a company's Wi-Fi network. In this blog post, we share some insights about a Wi-Fi (WPA2-Enterprise) penetration test that we conducted for an organisation. https://t.co/YKAA8CTMhW
0
2
2
@VirtualSamuraii
VirtualSamurai
9 months
I did a DNS resolution on more than 4 million domain names with the .fr TLD Result: around 3.5 million domains might be spoofed by attackers because they don't have a DMARC record (let alone an SPF record). Domains belonging to companies such as Microsoft are also vulnerable.
0
0
2
@VirtualSamuraii
VirtualSamurai
1 year
Hey there 👋 I have been using an Ansible playbook to deploy a phishing server on a cloud instance for my engagements. Thought it might be useful for cyber security professionals out there. https://t.co/BODnLnbnEi
github.com
Deploy a phishing infrastructure on the fly. Contribute to VirtualSamuraii/flyphish development by creating an account on GitHub.
1
35
130
@VirtualSamuraii
VirtualSamurai
1 year
Hi 👋 Here is a short article explaining how public tools can be customized to bypass antivirus software. Here, the aim is to customize the Apollo agent of the Mythic C2 to bypass Windows Defender. https://t.co/0wyiRfYVc5
virtualsamuraii.github.io
Customizing a tool to bypass antivirus software
0
2
16
@VirtualSamuraii
VirtualSamurai
1 year
OSINT: Some companies disclose far too valuable information in their job postings. That is the case here, for example: the company in question even names the brand of its EDR. This can help attackers develop malware (implants, loaders,
0
2
11
@_atsika
Atsika
2 years
I've just started a blog on #maldev and #redteaming. Nothing fancy yet, just me trying to see if I've understood correctly. The first post is about a custom version of GetModuleHandle and GetProcAddress in #go. Check it out:
blog.atsika.ninja
Resolve module handle and function address without using GetModuleHandle and GetProcAddress
5
33
103
@VirtualSamuraii
VirtualSamurai
1 year
Hello world 👋 In 2022, @0xNarek and I studied an APT named Serpent Group that has been discovered by @proofpoint and @VMware TAU. This threat actor targeted numerous French government entities during the 2022 presidential campaign. We reproduced their TTPs and came up
1
6
11
@VirtualSamuraii
VirtualSamurai
2 years
That one's a collector's item @asso_hzv
0
0
14
@VirtualSamuraii
VirtualSamurai
2 years
Hi, shalom, salam comrades. Here is part 3 of the "Anatomy of EDRs" ("Anatomie des EDR") series. This time, we will look at the Windows processes, services, PPL and registry keys used by an EDR. https://t.co/zmcjUtBTUL #redteam #windows #edr #maldev
0
10
39
@VirtualSamuraii
VirtualSamurai
3 years
Hello, here is part 2 of the "Anatomy of EDRs" ("Anatomie des EDR") article series. This time, we will look at how an EDR's drivers work in more detail (kernel, callbacks, minifilters, etc.). https://t.co/Y4jF1DvLKh #redteam #maldev #edr #blueteam
1
13
29
@VirtualSamuraii
VirtualSamurai
3 years
Hi hi, here is a first article I put together to describe, in very accessible terms, what an EDR actually is. I took #SentinelOne as an example because it is considered one of the leaders. https://t.co/z4HZe3cJ5F #redteam #maldev
3
17
43