RTOps: Automating Redirector Deployment With Ansible

Agenda Reading Time: 20mins This blog will cover what redirectors are, why they are important for red teams, and how to automate their deployment with Ansible. This is the first post in our RTOps blog series, and will serve as a jumping off point for further redirector strategies, and Red…

SecSmash: Leveraging Enterprise Tools for command execution, lateral movement and C2

Release We are releasing the SecSmash tool we announced at BSIDES LV. SecSmash is a framework that allows you to turn centralized management, monitoring, and security tools into C2 infrastructure. Check out the tool on Github: https://github.com/tevora-threat/SecSmash Secsmash is a modular framework for leveraging credentials to…

Eternal Blues

As pentesters, our job is to demonstrate the risk of unpatched vulnerabilities to the business. The past month, this has largely been an exercise in demonstrating the risk of the eternal blue vulnerability. In order to do this, it is key we as the good guys possess the same tools…