Bypassing Symantec Endpoint Protection for Fun & Profit (Defense Evasion)

By Zubin on

As a penetration tester or a red teamer, if one has tried to execute a malicious payload during their engagements, an off the shelf payload generated by the common payload generation tools such as "msfvenom" or utilizing "mimikatz" to dump credentials from the LSASS is flagged almost immediately. Common AV…

Pwning Wireless Peripherals

By Zubin on

On internal security assessments, in order to lay the initial ground for the assessment, the primary objective is to identify and gain access to the internal network vis-à-vis establish initial foothold in the network. One of the common routes that a Pentester would take is to look for low hanging…