Situational Awareness BOFs for Script Kiddies

March 21, 2023

Introduction Thanks for the download on BOFs, but now, where can I actually download some BOFs? In my previous blog post, “BOFs for Script Kiddies,” I covered the basics of BOFs. I described what a BOF was (a Beacon Object File), when you would want to use a BOF (post-exploitation), and why you would want…


Critical Outlook Vulnerability: In-Depth Technical Analysis and Recommendations (CVE-2023-23397)

March 17, 2023

Threat Overview Earlier this week, Microsoft released a patch for Outlook vulnerability CVE-2023-23397, which has been actively exploited for almost an entire year. This exploit has caught the attention of a hacking group linked to Russian military intelligence that is using it to target European organizations. CVE-2023-23397 allows threat actors to steal NTLM credentials of…


Shells in Plain Sight – Storing Payloads in the Cloud

March 16, 2023

THIS POST WAS WRITTEN BY @NYXGEEK I stumbled upon an old side project the other day — it was a tool to get payloads through web content filters by hiding PowerShell in images on public sites. For example, this tweet from 2018 contains a bind shell encoded in the image, hosted by Twitter. While I don’t…


Changes in the Beacon Object File Landscape

March 9, 2023

Time flies when you’re having fun! Can you believe it has been over two (2) years since the release of beacon object files (BOFs)? BOFs were released June 25, 2020, according to the release notes for Cobalt Strike. At that time, I wrote about what made BOFs special in terms of Cobalt Strike, as well…

RPC Programming for the Aspiring Windows Developer

March 2, 2023

As EDR/AV solutions have evolved, attackers, be they malicious or hired testers, need to improve their techniques by exploring new avenues of accomplishing common tasks. These methods evolve over time and sometimes even cycles as techniques become highly detected, then dropped, and later rediscovered. Over a series of posts, we are going to investigate mixing…

BOFs for Script Kiddies

February 16, 2023

Introduction I hope I don’t sound like a complete n00b, but what or who or where is a BOF? All the cool kids are talking about it, and I just smile and nod. Is he the newest Crypto billionaire, or is it a meetup for like-minded hackers, or is it some other 1337 slang? I understand…

What this KeePass CVE means for organizations searching for new password vaults

February 2, 2023

After the 2022 LastPass breach, many organizations began searching for alternative password vault solutions. KeePass, a legacy open-source option, has risen to the top for many organizations evaluating their options. Others have been using this option already for years. A recent POC demonstrating how to abuse the Trigger feature was released and assigned a CVE…

Operator’s Guide to the Meterpreter BOFLoader

January 24, 2023

1.1 Introduction Recently, myself and a few friends decided to port my coworker Kevin Haubris’ COFFLoader project to Metasploit. This new BOFLoader extension allows Beacon Object Files (BOFs) to be used from a Meterpreter session. This addition unlocks many new possibilities for Meterpreter and, in my opinion, elevates Meterpreter back up to the status of…

2023 Resolutions for Script Kiddies

January 17, 2023

Introduction 2022 was a tough year. It seemed like no one was safe. Nvidia, Samsung, Ubisoft, T-Mobile, Microsoft, Okta, Uber—and those were just some of Lapsus$’s breaches. What’s a Script Kiddie to do to be better protected in 2023? Another year in the books, and it was another big year for cybersecurity. While 2022 did…

More Active Directory for Script Kiddies

December 6, 2022

Introduction So… Active Directory is amazing. It tells me everything I want to know—a regular Ask Jeeves for the whole domain—but I’m sure there is more that it can do. What else am I missing? In a previous article, I described the Active Directory (AD) service and how a Script Kiddie might use it to…
