Archive - infosecnoodle

Obtaining Microsoft Entra Refresh Tokens via Beacon

An alternative technique for obtaining Microsoft Entra refresh tokens (and "family refresh tokens") using beacon on a compromised endpoint.

May 9

1

January 2025

Staging Beacons to Isolated Targets with BOF.NET

Using BOF.NET to deliver staged, web-hosted shellcode to isolated internal targets.

Jan 5

February 2024

VST Audio Plug-ins for Initial Access and Persistence

Abusing Virtual Studio Technology (VST) for red team initial access and persistence.

Feb 17, 2024

May 2023

Certified Red Team Lead (CRTL) Review

Review of the Red Team Ops II course and CRTL exam from Zero-Point Security.

May 19, 2023

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts