Active Directory Lab | Emulating a phished user click

This is an attempt to emulate successfully phishing a user to the point at which they download and execute a payload. In a lab, this almost never resembles real user interaction, and it is an extra step to log in to the victim host just to click on an email you sent 30 seconds ago. This method uses Outlook rules and PowerShell to automatically download and execute a link received from a specific user.

This isn't exactly a full tutorial with every command and button click; it is more a record of the steps I went through to create the emulated actions.


Linux Libvirt Build Pipeline

As a red teamer, I've needed to build various Windows executables, which usually required me to interact with a virtual machine where I had to run Visual Studio or PowerShell to build the projects. If I was using VMware Workstation or VirtualBox I could mount a local folder to store the files and so on, but it was still pretty cumbersome. I created this little pipeline to speed that process up. It uses libvirt to run a VM headlessly, and the script then interacts with it over SSH to build the csproj file passed to it.


PDF Captcha Phishing/Malware Analysis | Bitter-Shadow

If you have googled anything lately, you may have noticed an increase in Squarespace/CDN-hosted PDFs that resemble Google captchas. Most of these documents contain a fake captcha, a wall of text, and a series of PDF links with random subject names on every top-level domain you can think of.


MalwareTech Challenge | Strings1

At this point in my career I have had the chance to analyze various forms of malware, but I have still not dived deep into reversing from assembly. I understand the basics and have analyzed some of my own basic C programs, but I always feel like I am missing something, or that it was too easy because I wrote the program and already understood what I was looking for.
