I've heard that my fellow Red Teamers like to use SOCKS proxies for stealth operations, so here's one that (ab)uses Azure Blob Storage 🚇

Look at those cute little blobs in your internal network. They look harmless, but how about the one carrying SOCKS? It's ProxyBlob, a reverse proxy over Azure. Check out Alexandre Nesic's article on how it came to exist after an assumed breach mission ⤵️ 👉 blog.quarkslab.com/proxyblobing...

For us, EDR bypass is not just a buzzword. MacroPack, ShellcodePack, and DarwinOps all come with bypass presets for major EDRs and Antivirus Those presets are regularly updated and tested! If you want to see a demo or an equivalent screenshot for the major EDRs contact us ! #redteam

Think NTLM relay is a solved problem? Think again. Relay attacks are more complicated than many people realize. Check out this deep dive from Elad Shamir on NTLM relay attacks & the new edges we recently added to BloodHound. ghst.ly/4lv3E31

Next week at the Hack The Box 0x4d meetup in Lille, France @rayanle.cat will talk about PwnShop, the challenge he prepared for the PwnMe CTF 2025 and how he accidentally discovered a RCE 0day while doing so. Join him next Monday at Campus Cyber Hauts-the-France: www.meetup.com/hack-the-box...

Balliskit Evasion Tip 🤖 To help with static analysis detection by EDR, ShellcodePack implements a method to load a shellcode from a separate file or from an URL This tutorial explains how to use that option! #redteam blog.balliskit.com/loading-a-sh...

On PTO and bored, so playing around with MCP by exposing Mythic APIs to Claude and seeing what the result. Attempting to have it emulate threat actors while operating Apollo in a lab... would make a good sparring partner :D www.youtube.com/watch?v=ZooT...

🚨 Evilginx Pro is finally here! 🚨🎣🐟 This is it! After over two years of development, countless delays, and hundreds of manual company verifications, Evilginx Pro is finally live! Thank you all for your invaluable support 💗 breakdev.org/evilginx-pro...

KrbRelayEx-RPC tool is out! 🎉 Intercepts ISystemActivator requests, extracts Kerberos AP-REQ & dynamic port bindings and relays the AP-REQ to access SMB shares or HTTP ADCS, all fully transparent to the victim ;) github.com/decoder-it/K...

If you thought phishing was now ineffective, you may have missed something 👀 My latest post highlights the advanced tactics used to bypass security controls and deceive even the most savvy users. Check it out ⤵️

From classic HTML pages to advanced MFA bypasses, dive in with @atsika.bsky.social in an exploration of phishing techniques 🎣. Learn some infrastructure tricks and delivery methods to bypass common detection. 👉 blog.quarkslab.com/technical-di... (promise this one is legit 👀)

#PEbear (github.com/hasherezade/...) is now available via WinGet (learn.microsoft.com/en-us/window...)! You can install it easier than ever - just type: `winget install pe-bear` from Powershell.

[DEMO] Searching for #AceLdr in memory, with #PEsieve/#HollowsHunter threads scan: www.youtube.com/watch?v=RQf2... ; read more: github.com/hasherezade/...

Recently came across a pretty neat technique to silently load (malicious) VS Code extensions using its bootstrapping and portability features. Thought it was interesting enough to warrant my first blog post in 4 years 🙃 Check it out 👇 casvancooten.com/posts/2025/0...

A Plan to Pwn: Reviving a 17 year old bug or winning a race against Project Management? We've got both. Mathieu Farrell shows you how in the "Pwn Everything, Bounce Everywhere, all at once" blog post series. blog.quarkslab.com/pwn-everythi...

ICYMI: 5 vulnerabilities in SOPlanning, an open source project management application used by major consulting services providers. In part 2 of "Pwn Everything, Bounce Everywhere, all at once" Mathieu Farrell tells you how to chain them for unautheticated RCE blog.quarkslab.com/pwn-everythi...

In this blog post, I explain how I was able to create a PowerShell console in C/C++, and disable all its security features (AMSI, logging, transcription, execution policy, CLM) in doing so. 💪 👉 blog.scrt.ch/2025/02/18/r...