
: Day 3d : More work on target box. Sorted out how to use pktmon and re-learned Hyper-V checkpoints. Next action, w/protections off, write a script to test for user, target box. If pass, then set pktmon filter and start pcap, call back to teamserver for payload, and ???. Else, call to a web listener w/a "I'm not in the right place" message. Once that works, start working on payload obfuscation to get to a point where I can turn protections back on.

ath0 boosted

Have the on in the background. Hadn't noticed before, facing the podium, Dems are on the left and the GQP is on the right. Was that by design?

ath0 boosted

The Republicans are finding out that even if they got to run an election as many times as they want they still can't win.

: Day 2d : team server built. Target built. Tried out a payload and tried out a web attack. Had to turn off all the Defender capabilities to get it to go. Time to revisit weaponization video and notes to get more realistic. Also learned about pktmon (learn.microsoft.com/en-us/wind), which has an option to turn etl to pcapng!

: Day 1d : Holidays haze plans. Started building out lab. Teamserver stood up. Will finish standing up target host tomorrow and start puttering around the UI.

: day 7b : Watched some videos on YouTube, by Mudge. Thinking through and planning the Execution, Persistence, C2, and possibly Lateral Movement phases of an exercise. Keeping Exfiltration and Impact off the table for this one and putting Persistence and Lateral Movement on the "maybe" or the "secondary" list.

: day 6b : Finished reading Responsible Red Teaming. Noodled on threat models post-Initial Access via Rubber Ducky. &ck

: day 5b : Spent more time tinkering w/RubberDucky and started working on the next section of Responsible Red Teaming. Also conflab w/coworkers.

: Day 4b : Spent a little time looking at RubberDucky and did a simple test w/a . The bad usb capability looks very useful.

Finished yara rule section of Responsible Red Teaming and read through the C2 section. Itching to "lab it up"!

: Day 3b : Working on cleaning up notes from yesterday. Need to capture lesson learned from Friday, as well--when searching for vhosts using ffuf, check the http headers to see if "Host: FUZZ.${TARGET}" or "Host: FUZZ" is needed.

Also a note for , are you testing USB detective controls every now and then? My next test is going to be with a --if the tooling doesn't recognize it, gonna amp it up w/some BadUSB shenanigans.

: Day 2b : new release today. Needed a few nudges and learned about a newer feature in some tooling and about a tool that comes on Linux I hadn’t seen before.

: Day 1b : Fell off the wagon. Got back into it today. Hacked on machine cronos with a coworker. One of my tools let me down. Need to figure what that was about.

: Day 31 : Today's advent cyber challenge is sorted. I don't *really* care much about "Web3.0". ::old man shakes fist at cloud:: But, it is good to at least have a high-level view of what's going on "out there". Not sure how I was *supposed* to get the flag, I just bash-ed at it until it made sense.

: Day 30 : Today's advent cyber challenge is sorted. Cyberchef is pretty slick. Outside the ctf, banged around in another SIEM-ish product exploring remote access behaviors. (Have *you* ever looked at RDP, ssh, vnc, telnet, etc. traffic in your network?)

: Day 29 : Today's advent cyber challenge is sorted. Outside of the ctf, spent some time getting re-acquainted with Splunk.

ath0 boosted

One of the best animated stories I've watched: Sita Sings the Blues
youtu.be/RzTg7YXuy34

: Day 28 : Today's advent cyber challenge is sorted. Didn't reckon hydra was really still a thing.

: Day 27 : Today's advent of cyber challenge is sorted. Nmap and smbclient are your friends. I've got a flipper zero now, so I'm poking around with that. Firmware is updated. Looking at a couple of alternative firmware options. Gonna try out some nfc and badge reading tomorrow.


ath0
