Obfuscating Launchers to Limit Detection

Last time, I provided a method for encrypting macro payloads (https://warroom.securestate.com/encrypt-macros-bypass-sandboxes/)  to prevent them from executing correctly in the event […]

Bypassing Gmail’s Malicious Macro Signatures

Malicious macros in Excel spreadsheets are one of the most common methods of delivery in phishing attacks. If the premise […]

Leveraging MS16-032 with PowerShell Empire

It’s not very often in the life of a pentester that you find a point-and-click exploit that works right out […]

No RDP, No Problem!

The Setup I conducted some phishing for a pentest this past week. My ulterior motive was to have an opportunity […]

Empire: An Elegant Weapon for a More Civilized Age

  Empire, developed by @harmj0y, @sixdub, and @enigma0x3, debuted earlier this month at BSides Las Vegas.  In the words of […]

Generating Time-based One-time Passwords With PowerShell

In this post I will be explaining how to leverage PowerShell to create a time-based one-time password (TOTP).  If you […]