Customizing Powershell Empire to Avoid Detection

Powershell Empire is a very powerful post-exploitation framework for Windows environments. The tool has been gaining popularity since its release in 2015. As more red teams and malicious threat actors utilize the tool, more detection is being developed to identify the use of Empire on the network. This post will show some customizations that change […]

Read More

DEFCON 2016 CTF Quals – XKCD

I recently participated in the 2016 DEFCON CTF qualifiers. This is a write-up for the XKCD challenge which was in the PWN category. http://download.quals.shallweplayaga.me/be4bf26fcb93f9ab8aa193efaad31c3b/xkcd xkcd_be4bf26fcb93f9ab8aa193efaad31c3b.quals.shallweplayaga.me:1354 Might want to read that comic as well… 1354 The XKCD for 1354 was related to Heart Bleed so it was obvious that this would be related to the Heart […]

Read More

New Tool – HoneyPorts

New Tool – HoneyPorts Local port level honey pot. Opens ports on your box, When attackers connect, a custom message is sent and a firewall rule is created. New Features: Multihreaded Runs on multiple ports Set firewall rules to expire after a given time Config file Custom port messages Whitelist Auto-whitelist of local IPs Output […]

Read More

D-CTF 2014 – Network 300

This was the Network 300 challenge from the recent D-CTF. ┬áNot many people solved this one and I got a lot of request for help in the IRC so I figured I would create write up for it. Reading the text in the challenge it was obvious that you would need to use port knocking […]

Read More