Estimated Reading Time: 8 minutes Summary about Froxlor: Froxlor is a web-based server management software for Linux-based operating systems. It is primarily used to manage web hosting environments and allows users to create and manage websites, email accounts, and FTP accounts. It also provides tools for monitoring server resources and managing backups. Froxlor is written in PHP and uses a…
Author: Askar
Oh my API, abusing TYK cloud API management to hide your malicious C2 traffic
Estimated Reading Time: 10 minutes Hiding your malicious C2 traffic through legitimate channels is challenging nowadays, especially while CDN providers block all known techniques to use domain fronting to hide your malicious traffic. For that reason, I was looking for a service that I can (ab)use to forward and hide my malicious C2 traffic using their domains without exposing my…
DNSStager v1.0 stable: Stealthier code, DLL agent & much more
Estimated Reading Time: 3 minutes In the past year, I published the first version of DNSStager which is a tool to hide your payload in DNS, and presented an updated version of it at BlackHat Europe 2021 and @Hack conferences. Today I’m happy to announce that the Stable version of DNSStager is out with some new features and fixes for…
Unveiling DNSStager: A tool to hide your payload in DNS
Estimated Reading Time: 8 minutes In the past few weeks, I was working on a new project that could help me solve an issue during a case I was facing. I needed a tool to help me pull off my payload through DNS without being noisy or suspicious, with the ability to inject this payload into memory and…
Unveiling BugHound: a static code analysis tool based on ElasticSearch
Estimated Reading Time: 7 minutes In the last couple of weeks, I was doing some code analysis for a couple of products; some of them were part of my daily job and the others were for research purposes. During this period, I was trying to automate my code analysis process to reduce the amount of work that I…
Defeat Bitdefender total security using windows API unhooking to perform process injection
Estimated Reading Time: 14 minutes Bypassing endpoint protections such as AVs/EDRs is a phase that you need to take care of when you prepare for your red team operation; it could take some time to understand how these solutions work before you try to bypass them. And with the large number of resources published online on this topic, it…
Octopus v1.2 stable: shellcode generation, spoofed args agent & much more!
Estimated Reading Time: 4 minutes It’s been a while since I released the stable version of Octopus, and today, I’m glad to announce that version 1.2 of Octopus is out! We added new features to this version and fixed some issues from the previous one to make it more stable. With time going by, we noticed that Octopus usage is…
In-Memory shellcode decoding to evade AVs/EDRs
Estimated Reading Time: 9 minutes During the previous week, I was doing some research about win32 APIs and how we can use them when weaponizing our attack. I already did some work related to process injection in the past, but I was looking for something more advanced and to go the extra mile in process injection. So, I took my…
OCS Inventory NG v2.7 Remote Command Execution (CVE-2020-14947)
Estimated Reading Time: 7 minutes Summary of OCS Inventory NG: Open Computer and Software Inventory Next Generation is free software that enables users to inventory IT assets. OCS-NG collects information about the hardware and software of networked machines running the OCS client program. OCS can visualize the inventory through a web interface. About the exploit: I found this vulnerability by…
Automate Octopus C2 RedTeam Infrastructure Deployment
Estimated Reading Time: 15 minutes Establishing a red team infrastructure for your operation is something you need to take care of every time, and you need to make sure it’s working without any obstacles before you begin your operation. Every time I start a new operation, I set up the infrastructure manually using DigitalOcean or AWS, and it’s always enjoyable…