How a Chinese APT used Visual Studio Code for Command & Control
In InfoSec Write-ups, by Fahri Korkmaz. Sep 16, 2024
As described in Unit42’s analysis, Chinese APTs have used Visual Studio Code’s tunnel feature to establish reverse shells. These shells are…

The problem with Smbmap
Fahri Korkmaz. Jan 23, 2023
When using Smbmap in your Red Team engagement, keep in mind that Smbmap creates a random directory at the root of each SMB Share to check…

Windows Persistence: Registry Run Keys
Fahri Korkmaz. Apr 17, 2022
After getting a foothold on a target, the next goal should be to persist on that target. If no persistence method is utilized, then the…

Evading Network Defense with Protocol Manipulation
Fahri Korkmaz. Mar 6, 2022
Signature-based intrusion detection or prevention systems will detect malicious activity through a predefined signature. If a Red Team…

Red Team Engagement Planning
Fahri Korkmaz. Feb 20, 2022
A short article outlining the phases to go through while planning a red team engagement.

Weaponize JScript to bypass Windows Defender
Fahri Korkmaz. Dec 26, 2021
To gain initial access during a Red Team Engagement, Phishing might be a valid option. This is used to deliver a payload to the target. For…