Navigating The Shadows
  • About This Gitbook
  • Red Team Operations
    • Initial Access
      • Webshells
        • Java (JSP) - Bring Your Own Jar
        • IIS - SOAP
      • Macro Attacks
        • Talking Documents with SpVoice COM
        • Binary File Write via Microsoft Speech API
        • Mark-Of-The-Web Bypass with 7-zip
    • Azure and O365
      • PRT Abuse from Userland with Cobalt Strike
      • Enumerate Azure AD with AzureHound from Userland
    • AWS
      • Role Abuse: SSM
    • OffSecOps
      • Arsenal Aggressor Script
  • Red Team Infrastructure
    • AWS
      • Connectionless Ansible Deployment with Terraform via SSM
  • Training
    • Operational Purple Teaming for Defenders
  • Training Reviews
    • Offensive Security
      • OSED
  • VULNERABILITY RESEARCH
    • RCE In HPE Insight Cluster Management Utility (CVE-2024-13804)
Powered by GitBook