#hack100days : Day 3d : More work on target box. Sorted out how to use pktmon and re-learned Hyper-V checkpoints. Next action, w/protections off, write a script to test for user, target box. If pass, then set pktmon filter and start pcap, call back to teamserver for payload, and ???. Else, call to a web listener w/a "I'm not in the right place" message. Once that works, start working on payload obfuscation to get to a point where I can turn protections back on. #lab #redteam #infosec #cososec

#hack100days : Day 2d : #cobaltstrike team server built. Target built. Tried out a payload and tried out a web attack. Had to turn off all the Defender capabilities to get it to go. Time revisit weaponization video and notes to get more realistic. Also learned about pktmon (https://learn.microsoft.com/en-us/windows-server/networking/technologies/pktmon/pktmon), which has an option to turn etl to pcapng! #redteam #infosec #cososec

#hack100days : Day 1d : Holidays haze plans. Started building out #cobaltstrike lab. Teamserver stood up. Will finish standing up target host tomorrow and start puttering around the UI. #redteam #infosec #cososec

#hack100days : day 6b : Finished reading Responsible Red Teaming. Noodled on threat models post-Initial Access via Rubber Ducky. #infosec #att&ck #RRT #cososec

#hack100days : Day 3b : Working on cleaning up notes from yesterday. Need to capture lesson learned from Friday, as well--when searching for vhosts using fuff, check the http headers to see if "Host: FUZZ.${TARGET}" or "Host: FUZZ" is needed.

Also a note for #redteamers, are you testing USB detective controls every now and then? My next test is going to be with a #FlipperZero--if the tooling doesn't recognize it, gonna amp it up w/some BadUSB shennanigans. #infosec #cososec

#hack100days : Day 2b : #hackthebox new release today. Needed a few nudges and learned about a newer feature in some tooling and about a tool that comes on Linux I hadn’t seen before. #getsmart #ctf #infosec #cososec

#hack100days: Day 1b : Fell off the wagon. Got back into it today. Hacked on #htb machine cronos with a coworker. One of my tools let me down. Need to figure what that was about. #sharpenthesaw #cyberrange #cososec

#hack100days: Day31 : Today's #tryhackme advent cyber challenge is sorted. I don't *really* care much about "Web3.0". ::old man shakes fist at cloud:: But, it is good to at least have a high-level view of what's going on "out there". Not sure how I was *supposed* to get the flag, I just bash-ed at it until it made sense. #ctf #infosec #cososec

#hack100days: Day 30 : Today's #tryhackme advent cyber challenge is sorted. Cyberchef is pretty slick. Outside the ctf, banged around in another SIEM-ish product exploring remote access behaviors. (Have *you* ever looked at RDP, ssh, vnc, telnet, etc. traffic in your network?) #ctf #sharpenthesaw #infosec #cososec

#hack100days : Day 29 : Today's #tryhackme advent cyber challenge is sorted. Outside of the ctf, spent some time getting re-acquainted with Splunk. #ctf #sharpenthesaw #infosec #cososec

#hack100days : Day 28 : Today's #tryhackme advent cyber challenge is sorted. Didn't reckon hydra was really still a thing. #ctf #infosec #cososec

#hack100days : Day 27 : Today's #tryhackme advent of cyber challenge is sorted. Nmap and smbclient are your friends. I've got a flipper zero now, so I'm poking around with that. Firmware is updated. Looking at a couple of alternative firmware options. Gonna try out some nfc and badge reading tomorrow. #sharpenthesaw #ctf #infosec #flipperzero #cososec

#hack100days : Day 26 : Today's #tryhackme advent of cyber challenge is sorted. Poked at the new #htb release. I'm not grokking, but now the interruptions are minimized. So maybe some focus will get me there. #sharpenthesaw #ctf #infosec #cososec

#hack100days : Day 25 : Today's #tryhackme advent of cyber challenge is sorted. Worked through the next section of Responsible Red Teaming. Tinkered with my zsh prompt. Need to try out sysmon for linux and the logging recommendations in my lab. #ctf #sharpenthesaw #redteam #infosec #cososec

#hack100days : Day 24 : Today was a grab bag. Pulled off today's #tryhackme advent of cyber challenge. It was not what I was expecting, but I expect the difficulty to ramp up as we go. Tuned into @Alh4zr3d@twitter's twitch stream. Target looked familiar. #ctf #infosec #cososec

#hack100days : Day 23 : Read more on Responsible Red Teaming. Two more sections down. Legality, ethics, responsiblity, and opsec. Good stuff to keep in mind. #sharpenthesaw #redteam #infosec #cososec

#hack100days : Day 22 : Took a break from awkward. Poked around at Vortimo OSINT Tool (https://osint-tool.com/) and related integrations. Anyone w/search.censys.io accounts getting 500s after logging in? That's weird. Also played around with hashcat some more and tinkered with using masks. Next I want to play with combined masks and wordlists to see what that gets me. #sharpenthesaw #osint #infosec #cososec

#hack100days : Day 20 : More #hackthebox. Worked on awkward and got user. Still working out root. Also worked on carpediem, but didn't get any further than last time. Then went down a password cracking rabbit hole. Trying out JtR and incremental filters. #sharpenthesaw #htb #ctf #infosec #cososec

#hack100days : Day 18 : Started in on Responsible Red Teaming (https://taggartinstitute.org/p/responsible-red-teaming) Today was a busy day, so I need to read. #getsmart #redteam #infosec #cososec

#hack100days : Day 17 : Where I was going to go with the crypto challenge is not the path I took. @[email protected] gave me some advice and I managed to sort it out. Compared to other crypto challenges I've worked on, I'm happy to have gotten to a solution. I've not seen one like this before. #cryptography #getsmart #ctf #infosec #cososec