#hack100days : Day 3d : More work on target box. Sorted out how to use pktmon and re-learned Hyper-V checkpoints. Next action, w/protections off, write a script to test for user, target box. If pass, then set pktmon filter and start pcap, call back to teamserver for payload, and ???. Else, call to a web listener w/a "I'm not in the right place" message. Once that works, start working on payload obfuscation to get to a point where I can turn protections back on. #lab #redteam #infosec #cososec
#hack100days : Day 2d : #cobaltstrike team server built. Target built. Tried out a payload and tried out a web attack. Had to turn off all the Defender capabilities to get it to go. Time to revisit weaponization video and notes to get more realistic. Also learned about pktmon (https://learn.microsoft.com/en-us/windows-server/networking/technologies/pktmon/pktmon), which has an option to turn etl to pcapng! #redteam #infosec #cososec
#hack100days : Day 1d : Holidays haze plans. Started building out #cobaltstrike lab. Teamserver stood up. Will finish standing up target host tomorrow and start puttering around the UI. #redteam #infosec #cososec
#hack100days : day 7b : Watched some #cobaltstrike videos on YouTube, by Mudge. Thinking through and planning the Execution, Persistence, C2, and possibly Lateral Movement phases of a #redteam exercise. Keeping Exfiltration and Impact off the table for this one and putting Persistence and Lateral Movement on the "maybe" or the "secondary" list.
#hack100days : Day 4b : Spent a little time looking at RubberDucky and did a simple test w/a #flipperzero. The bad usb capability looks very useful.
Finished yara rule section of Responsible Red Teaming and read through the C2 section. Itching to "lab it up"! #redteam #infosec
#hack100days : Day 25 : Today's #tryhackme advent of cyber challenge is sorted. Worked through the next section of Responsible Red Teaming. Tinkered with my zsh prompt. Need to try out sysmon for linux and the logging recommendations in my lab. #ctf #sharpenthesaw #redteam #infosec #cososec
#hack100days : Day 23 : Read more on Responsible Red Teaming. Two more sections down. Legality, ethics, responsibility, and opsec. Good stuff to keep in mind. #sharpenthesaw #redteam #infosec #cososec
#hack100days : Day 18 : Started in on Responsible Red Teaming (https://taggartinstitute.org/p/responsible-red-teaming). Today was a busy day, so I need to read. #getsmart #redteam #infosec #cososec
Oi! #redteamers! For inside services, do you carry out any password spray attack exercises? #redteaming #redteam #cososec
Muddling through.