Obfuscating Shellcode Using Jargon
By Red Siege | July 31, 2023
by Mike Saunders, Principal Security Consultant In a recent blog , we discussed how encrypting shellcode leads to increased entropy, which may result in your shellcode loader being blocked and/or […]
Learn MoreBrowser Only Web Application Testing
By Red Siege | July 24, 2023
By: Ian Briley, Security Consultant Spoiler Alert: Burp is the number one tool most people use while testing web applications. If you want to be an open-source champion, ZAP from […]
Learn MoreIntroduction to Mythic C2
By Red Siege | June 28, 2023
By: Justin Palk, Senior Security Consultant Continuing along with my occasional series looking at how to set up and use various C2 frameworks, this is a guide to Mythic C2. Developed […]
Learn MoreIntroduction to Sliver
By Red Siege | November 7, 2022
By: Justin Palk, Security Consultant Around the time Tim decided he was going to give a Siegecast on selecting a C2, I finished building out a test Windows AD domain […]
Learn MoreMoving beyond T4 – Deconstructing Nmap Tuning
By Red Siege | July 6, 2022
by Alex Norman, Senior Security Consultant Nmap -T4 -iL targets.txt This is a very common scan string that many people use to get initial recon done on assessments and, to […]
Learn MoreCreating a Simple Windows Domain for Offensive Testing: Part 4
By Red Siege | June 23, 2022
By: Justin Palk, Security Consultant This is part four of my series of blog posts on creating a windows domain for offensive security testing. In part 1, I stood up […]
Learn MoreCreating a Simple Windows Domain for Offensive Testing: Part 3
By Red Siege | June 15, 2022
by Security Consultant Justin Palk Welcome back to my series on setting up a Windows domain for offensive testing. In the first two installments (Part 1, Part 2), I stood […]
Learn MoreCreating a Simple Windows Domain for Offensive Testing: Part 2
By Red Siege | June 7, 2022
By: Justin Palk, Security Consultant Welcome back to my series on setting up a Windows domain for offensive testing. In the first installment, I did my basic network setup, created […]
Learn MoreCreating a Simple Windows Domain for Offensive Testing : Part 1
By Red Siege | June 1, 2022
By: Justin Palk, Security Consultant While doing some tool development recently I realized that for the first time I was writing a tool specifically targeting an Active Directory domain and […]
Learn MoreHTTPSC2DoneRight (and Working)
By Red Siege | February 17, 2022
tl;dr If you want an updated and working copy of httpsc2doneright, grab it here If you’re a Cobalt Strike user, it’s almost certain that at some point you’ve used […]
Learn More