Category Archives: Red Teaming

Tags: EDR, Hacking, Red Teaming

Winning Your ‘Arguments’ with EDRs.

A recent client engagement had me thinking about ways to evade security tools that rely heavily on command-line arguments. During a red team task, I wanted to dump the SAM database of the victim’s system, but I knew that commands such as “reg save HKLM\SAM SAM” would easily be caught by the installed EDR. […]
Tags: Hacking, Red Teaming

Red Teaming with Covenant and Donut

Overview: Red Teaming has rapidly transitioned from Living off the Land (LotL) to Bringing Your Own Land (BYOL). It is now possible to execute .NET assemblies entirely within memory. By developing custom C#-based assemblies, attackers no longer need to rely on the tools present on the target system; they can instead write and deliver their […]