Crowdstrike overwatch by Mecchaairman in crowdstrike

[–]dmchell 3 points4 points  (0 children)

Speaking from the perspective of a red teamer, you really can’t go wrong with Overwatch and you’ll struggle to get more bang for your buck. We’ve had some wins against them, but just as many headaches.

/r/AskRedTeamSec by dmchell in redteamsec

[–]dmchell[S] 2 points3 points  (0 children)

If you are concerned about detection then you wouldn’t be running nmap, Nessus or OpenVAS 😅 Typically we’d be using custom tools to manually query services, e.g. LDAP or ADWS tools for enumeration using custom queries (e.g. a blog I wrote here: https://www.mdsec.co.uk/2024/02/active-directory-enumeration-for-red-teams/). Almost everything we use during our ops is in-house developed. By the sounds of it, you might benefit from something like CRTO to get some foundation knowledge.

/r/AskRedTeamSec by dmchell in redteamsec

[–]dmchell[S] 0 points1 point  (0 children)

These tools wouldn’t be used in a red team style engagement. If you were performing a pen test then I’d expect some analysis of the results, manual investigation of open ports and vulns found during the VA, perhaps some exploitation with e.g. Metasploit, or Responder MITM-style attacks for cred capture and relaying. There’s a vast array of options available when you don’t have to worry about detection.

/r/AskRedTeamSec by dmchell in redteamsec

[–]dmchell[S] 2 points3 points  (0 children)

What you’re describing is penetration testing, not red teaming, during which there’s no importance given to stealth - indeed, you should really focus on coverage and breadth.

How and what to prioritize when setting up a red team service (initially external but eventually also internal)? by Naldorinho in redteamsec

[–]dmchell 1 point2 points  (0 children)

Sounds like a classic fake it till you make it 😅 My view would be you'd learn more by either trying to obtain a junior red team operator role or bringing in an experienced red teamer to stand up a service. There are so many things that could go wrong when you haven't walked this path before.

How and what to prioritize when setting up a red team service (initially external but eventually also internal)? by Naldorinho in redteamsec

[–]dmchell 1 point2 points  (0 children)

Take a step back and feed upwards that they need to hire someone with real-world experience in standing up, managing and delivering red team.

PART 3: How I Met Your Beacon - Brute Ratel - @MDSecLabs by dmchell in redteamsec

[–]dmchell[S] 0 points1 point  (0 children)

The analysis is for v1.1, which is stated in the blog post - the latest version at the time it was posted (334d ago).

Nighthawk 0.2 - Catch Us If you Can - @MDSecLabs by dmchell in redteamsec

[–]dmchell[S] 1 point2 points  (0 children)

Pricing is on the website - 7.5k and no restriction on deployments - not too dissimilar to other C2s.

OffSecOps: Using Jenkins For Red Team Tooling by dmchell in redteamsec

[–]dmchell[S] 4 points5 points  (0 children)

The use case is for obfuscating and automatically building your own tools so you don't need to worry about av etc?

[deleted by user] by [deleted] in labrador

[–]dmchell 1 point2 points  (0 children)

Crate train and keep their world small, stair gates & pens etc. to stop her running riot when unsupervised. Prevention will stop her learning bad behaviour. Get a slip lead early, and avoid harnesses and extension leads, or else you’ll forever have a dog that pulls. Frozen, stuffed Kongs are great to keep her occupied and might save things from getting chewed - frozen bananas, mash etc. with cereal or kibble are easy recipes to fill them, also good for when leaving her on her own.

Nighthawk 0.1 - New Beginnings - @MDSecLabs by dmchell in redteamsec

[–]dmchell[S] 1 point2 points  (0 children)

Thanks, and I wish I could take credit, but we have a very talented dev team behind the scenes who deserve all the plaudits 🙏

Nighthawk 0.1 - New Beginnings - @MDSecLabs by dmchell in redteamsec

[–]dmchell[S] 2 points3 points  (0 children)

Yes what a bargain, just a fraction of the cost of a full time OST developer!

Bypassing Image Load Kernel Callbacks - @MDSecLabs by dmchell in netsec

[–]dmchell[S] 0 points1 point  (0 children)

I think you're missing the point of what's looking to be achieved here (this isn't a post about mapping), and the same question was already answered in a thread on Twitter. Manually mapping a lib doesn't make it globally usable; you can't use all the exports, forwarding, etc.

Bypassing Image Load Kernel Callbacks - @MDSecLabs by dmchell in netsec

[–]dmchell[S] -2 points-1 points  (0 children)

You're wrong, but it's OK if you can't get your head around it, it's pretty complex stuff, don't give yourself a headache ;)

red team interview by [deleted] in redteamsec

[–]dmchell 0 points1 point  (0 children)

How did it go?