Red Teaming · 46 articles

Red Teaming

AD exploitation, lateral movement, persistence, defense evasion — MITRE ATT&CK aligned playbooks.

AI Security

Autonomous AI Red-Team Tools 2026

May 30, 2026 · 1 min read
Hacking Tools 2026

EDR Bypass Techniques in 2026: How Modern Threats Evade Endpoint Defenses

Technical survey of EDR bypass — ETW patching, AMSI bypass, direct/indirect syscalls, BYOVD, LOLBins. For defenders tuning detections and red teamers learning…

May 22, 2026 · 8 min read
Academy

Module 20 · Initial Access — Modern Techniques in 2026

The initial-access categories Phishing: targeted email with malicious link or attachment. Valid accounts: stolen / purchased credentials; password spray. Exposed services: VPN,…

May 14, 2026 · 3 min read
Academy

Module 19 · Living-off-the-Land Binaries (LOLBins) Mastery

Why LOLBins matter Binary is signed by Microsoft — passes signature checks. Binary is present on every Windows host — no payload…

May 14, 2026 · 3 min read
Academy

Module 17 · Beyond Cobalt Strike — Sliver, Mythic, Brute Ratel, Havoc

The C2 landscape Framework Licence Notes Cobalt Strike Commercial (Fortra) Industry standard; highly detected Sliver Open-source (Bishop Fox) Go-based; mTLS / DNS…

May 14, 2026 · 2 min read
Academy

Module 18 · EDR Evasion in 2026

The EDR detection stack User-mode hooks: EDR hooks key API calls (CreateRemoteThread, NtMapViewOfSection, etc.) to inspect arguments. Kernel-mode callbacks: PsSetCreateProcessNotifyRoutine, PsSetCreateThreadNotifyRoutine notify…

May 14, 2026 · 3 min read
Academy

Module 16 · Adversary Emulation Plans — TTPs from Threat Intel to Engagement

Why emulate vs. just pentest Generic pentests find generic findings. Adversary emulation tests whether you can withstand the specific groups that target…

May 14, 2026 · 3 min read
Academy

Sliver C2 Operator Guide — Implants, Transports, OPSEC, and the Detection Patterns Blue Teams Should Hunt

Sliver is the open-source post-Cobalt-Strike C2 framework — accessible to Indian red teams without licensing barriers, and the most-abused C2 after CS…

May 8, 2026 · 6 min read
Academy

Wireless Security and Wi-Fi Attacks — WEP to WPA3, and Why Captive Portals Lie

Wi-Fi has gone through five generations of security: WEP (broken, do not deploy), WPA/WPA2 (still common, still attackable via offline cracking and…

Apr 26, 2026 · 11 min read
Red Teaming

Adversarial ML Examples: Attacks and Defences

Adversarial examples — white-box (PGD), black-box (transfer, score-based, decision-based), physical-world attacks (patches, glasses, road signs), text adversarial. Adversarial training, defensive distillation, input…

Apr 25, 2026 · 3 min read
1 2 3 5