gcpHound v2.0 : Django Web UI To Analyze IAM PermissionsIn this article, we will talk about recent functionalities added to the gcpHound as well as how to use them.Apr 26, 2022Apr 26, 2022
Custom Metasploit Module for Log4Shell ScannerIn this article, we will discuss a customized Metasploit module I wrote for scanning applications vulnerable to Log4Shell as well as how…Dec 21, 2021Dec 21, 2021
Compromised Endpoint to Compromised GCP : Gone in 60 SecondsIn this article, we will discuss how you can take over google cloud accounts, if you have compromised an endpoint. Once you get a hang of…Oct 8, 20211Oct 8, 20211
gcpHound : A Swiss Army Knife Offensive Toolkit for Google Cloud Platform (GCP)In this article, we will talk about a new tool written by me alongside Brad Richardson called “gcpHound” as well as some of the…Sep 7, 2021Sep 7, 2021
Detection NavigatorIn my previous article, I have discussed how to build detection chart using MITRE ATT&CK Framework. However, as I mentioned at the very…Apr 20, 2021Apr 20, 2021
Office365 MacOS Sandbox EscapeIn this article, we are going to review how we can escape the Office365 sandbox in MacOS Catalina. Apple has hardened MacOS environment in…Oct 14, 2020Oct 14, 2020
Executing Purple Team ExercisesIn previous article , we talked about how to build Detection Chart using MITRE ATT&CK Framework. In this article, we will leverage those…Apr 10, 2020Apr 10, 2020
Building Detection Chart Using MITRE ATT&CK FrameworkThis article is about how MITRE ATT&CK Framework can be leveraged to measure current detection capability of the organization. There are …Oct 2, 2019Oct 2, 2019
Converting an .app file to .dmg on MacOSThis article is about simple steps to follow to convert .app file to .dmg file. The main reason for this article is , During an engagement…Aug 24, 2019Aug 24, 2019
How to Create HTTP(s) Command and ControlCommand and Control ( C2 ) is one of the most essential part of red team engagements. There are a lot tools out there that are designed…Aug 18, 2019Aug 18, 2019