email info@BC-Security.org

Top Categories

Spotlight

todayOctober 10, 2024

Offensive Security Tools Cx01N

Not Your Grandfather’s Empire

Not Your Grandfather’s Empire I’ve wanted to put this blog together since returning home from DEFCON. Anytime we ran into someone who recognized our swag, they mentioned how much they loved Empire back in the day and didn’t realize it was being actively maintained. This made me reflect on all [...]


Hubbl3

10 Results / Page 1 of 2

Background

todayJune 17, 2024

  • 1
close

Programming + Cyber Security + Offensive Security Tools Hubbl3

ScriptBlock Smuggling: Spoofing PowerShell Security Logs and Bypassing AMSI Without Reflection or Patching

Note: All code samples shown in the post can be found in our repo here  In recent years, PowerShell tradecraft has seen a drop in popularity among pentesters, red teams, and to some extent APTs. There are several reasons for this, but at the core, it was the introduction of ...

todayJune 16, 2022

  • 1399
  • 1
close

Cyber Security Hubbl3

Maldocs Are Evolving

Unless you have been living under an infosec rock the past couple of weeks, you probably heard about the Follina exploit, which allows attackers to achieve remote code execution via ms-msdt. We will get to some more specifics about exactly how Follina works in a minute, but I want to ...

todayJuly 14, 2021

  • 7018
  • 6
close

Cyber Security Hubbl3

XLS Entanglement

VBA tradecraft is constantly evolving and this past winter, I came across some articles from Adepts of 0xCC. Specifically, their article Hacking in an Epistolary Way: Implementing Kerberoast in Pure VBA caught my attention and I wanted to try and see if it would be possible to create a pure ...

email, email marketing, newsletter

todayJune 16, 2020

  • 1960
  • 3
close

Cyber Security + Offensive Security Tools Hubbl3

Random SMTP Fun with Telnet

You may remember the good ole days where you can connect to pretty much any mail server (like Gmail) with telnet and spoof emails to your friends from whoever you want. Back then, I never realized that you could actually send attachments directly through the telnet connection. It’s not super ...