Archive - Offsec Ramblings

An Operator’s Guide to Device-Joined Hosts and the PRT Cookie

Apr 7 •

December 2024

Breaching AWS Course Review

CloudBreach's OAWSP Certification

Dec 27, 2024 •

October 2024

BOFHound: AD CS Integration

A targeted approach to AD CS enumeration

Oct 30, 2024 •

August 2024

TAKEOVER-1 with PySQLRecon

The intersection of SQL and SCCM exploitation

Aug 10, 2024 •

January 2024

BOFHound: Session Integration

Jan 30, 2024 •

November 2023

Abusing Slack for Offensive Operations: Part 2

When I first started diving into offensive Slack access, one of the best public resources I found was a blog post by Cody Thomas from back in 2020…

Nov 10, 2023 •

November 2022

Taking a closer look at the Roast-in-the-Middle attack

Nov 14, 2022 •

February 2022

Reintroducing redlure

A year and a half later - the redlure setup guide

Feb 21, 2022 •

January 2022

Utilizing Mailcow for Phishing

Setting Up a Self-Hosted Mail Server with Mailcow

Jan 25, 2022 •

September 2021

Lateral Movement with LiquidSnake

Playing with Cobalt Strike and LiquidSnake

Sep 13, 2021 •

February 2021

SOCKS Proxy Relaying

Transitioning to multi-relay attacks with ntlmrelayx

Feb 15, 2021 •

Experimenting with a shellcode runner

Feb 4, 2021 •

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts