Previous works: There has been a number of differnet blog posts, presentations and projects that have happened before this post and I will reference a number of them during the post and at the end have a link to all that I know about. If you know of any works on this subject that I am missing please submit a comment below and I’ll will be sure to reference it.
Once again, @egyp7 and I will be teaching both our Metasploit Basics course as well as the Mastery Course.
Metasploit Minute Season 6 is on the air! I know we have been away for a long while. The first episode is posted https://www.patreon.com/posts/5083466 each Monday a link will be posted on the Patreon site, or if you find RSS feeds easier, you can find it over at http://metasploitminute.com
Yes yes yes, I know, another platform, but guess what, it’s my blog, so ne-ner-ne-ner-ne-ner Hugo removed what I didn’t like about Octopress (the generating / pushing of content using a mix of branches and such) The reason I moved from Blogger was I just can’t stand having to log in and be online to make posts. I love things like MarsEdit for doing offline posts to services like Blogger, but I never could get the formatting right when I was done, especiall for code, so I’m back to a markdown based system.
Created the 2016 UNOFFICIAL ShmooCon Hiring List. To get on the list is even easier now! Just complete the following form: http://goo.gl/forms/pbYI0TZ9dG (One small tip, first come first serve, so if you want to be on the top of the list it’s best to submit the best info you have vs waiting on anyone, I don’t change the list order for anyone.) Direct Link to Google Doc: https://docs.google.com/spreadsheets/d/15xqphPVEnH7o2urovHWjJiS1VCjdAqcPNB_HS0yRexU/
Ever want to have all of your C2 go to the same box, have the functionality of Meterpreter, and Empire, while making it so if anyone goes to the actual site of your C2 all they get is something like Google? Nginx makes that possible, and instead of making a blog post that will disappear, I’ll point you at my combo in my “Attacker Knowledge Base” site: https://attackerkb.com/Combinations/ReverseProxyAttackTools and instead, show you the results once it’s setup:
Hi. I’m Rob… and I have a problem. Lets just say, when you find the limitations on Amazon’s wishlist features for single items, you know you have a problem. My problem? I’m kinda addicted to Intel NUCs. They are so versitle, low-ish power consumption, and incredibly powerful and TINY. I carry 3 of these (the older / cheaper ones) around to run my trainings / classes from. The follow is my current wishlist.
Meterpreter’s STDAPI extension (the one that always gets loaded) has a new command. This doesn’t happen very often so it’s worth noting. The new command prints out the currently attached “mounts”. In windows world, that means the normal CD ROM, C drive, etc, but it also means all of the mounted network drives as well. This gets very interesting when you happen to find yourself in a VM environment where you can start writing files to the host:
Time is a one-time non-renewable precious resource you are given. It is ok to be greedy, selective, and even snobbish about how, and with whom you spend it. If it helps, think of your time as a vault, money is withdrawn at a constant rate by people as you spend it, but you are not allowed to look inside to see how much you have left. It could be a billion dollars, it could be .
I recently took the plunge and joined a startup called R5 Industries. I wanted to say thanks for all the well wishes that I received on social media. It has certainly calmed my nerves about the choice ;-). I’ve had a number of people ask what R5 Industries does. Our primary selling point is AntigenC2, which is a really Command and Control detection product (no agents). But we also do Red Team assessments and some other fun toys if you are interested, contact@r5industries.