Blog

SSHishing – Abusing Shortcut Files and the Windows SSH Client for Initial Access

By Red Siege | April 1, 2024

By: Alex Reid, Current Red Siege Intern

In the April 2018 release of Windows 10 version 1803, Microsoft announced that the Windows OpenSSH client would ship and be enabled […]

Navigating Active Directory Security with EDD

By Red Siege | March 21, 2024

Tool developed by: Chris Truncer

Leverage EDD for Advanced Offensive Strategies

EDD serves as a critical tool for offensive security professionals, enhancing domain reconnaissance with .NET efficiency. It facilitates a […]

How Just-Metadata Reinvents IP Analysis

By Red Siege | March 21, 2024

Tool developed by: Chris Truncer

Cracking the Code with Just-Metadata

Imagine trying to solve a giant puzzle where each piece is hidden in a massive digital world. That’s what dealing […]

Introducing Jigsaw: Shellcode Obfuscation

By Red Siege | March 18, 2024

By Mike Saunders, Principal Consultant

As offensive security professionals, we often find ourselves writing custom shellcode loaders for initial access and code execution. Unless we’re using a fully custom C2, […]

Dumping LSASS Like it’s 2019

By Red Siege | March 4, 2024

By Alex Reid, Current Red Siege Intern

A long-time tactic of threat actors and offensive security professionals alike, tampering with LSASS.exe in order to recover credentials remains a highly […]

Better Living Through OpenSSH Config Files

By Red Siege | February 15, 2024

By: Justin Palk, Senior Security Consultant

SSH is an incredibly valuable tool for penetration testing. It provides us with a secure channel for administering machines, remotely executing tools, transferring […]

GraphStrike: Anatomy of Offensive Tool Development

By Red Siege | January 22, 2024

By: Alex Reid, Current Red Siege Intern

Introduction

This blog post accompanies the release of an open source tool called GraphStrike which can be found here. Those familiar with my […]

GraphStrike: Using Microsoft Graph API to Make Beacon Traffic Disappear

By Red Siege | January 22, 2024

By: Alex Reid, Current Red Siege Intern

We at Red Siege are proud to introduce GraphStrike: a tool suite for use with Cobalt Strike that enables Beacons to use Microsoft […]

You Can’t See Me – Protecting Your Phishing Infrastructure

By Red Siege | January 10, 2024

By: Mike Saunders, Principal Security Consultant

If you’re a red teamer, you may know the pain of spending hours building your phishing infrastructure, setting up your phishing sites and landing […]

Reject Passwords, Return to (Security) Keys

By Red Siege | November 28, 2023

From Ian Briley, Security Consultant

The weakest link in your information security chain will always be the human behind the keyboard. No matter how much death by PowerPoint security training […]
