Red Teaming · 46 articles

Red Teaming

AD exploitation, lateral movement, persistence, defense evasion — MITRE ATT&CK aligned playbooks.

Red Teaming

Ivanti Connect Secure 2024 CVEs: Mass Exploitation and Lessons

CVE-2023-46805 + CVE-2024-21887 chained for unauthenticated RCE on Ivanti VPN. Mass-exploited within hours by nation-state and ransomware actors. IoCs, the 7-step IR…

Apr 25, 2026 · 3 min read
Red Teaming

Fortinet FortiGate CVEs: The Edge-Device Attack Surface Pattern

Fortinet's recent CVE history (2022-40684, XORtigate, 2024-21762, FortiManager 23113 / 47575) shows the structural risk of edge devices. IoCs, mitigation pattern, and…

Apr 25, 2026 · 2 min read
Red Teaming

OSINT Methodology for Pentesters: The 2026 Toolchain

Practitioner OSINT methodology — subdomain enumeration with subfinder/amass, live discovery with httpx, vulnerability scanning with nuclei, people enumeration with theHarvester, GitHub secrets…

Apr 25, 2026 · 3 min read
Red Teaming

Subdomain Enumeration Deep-Dive: Beyond subfinder

Senior subdomain enumeration — passive sources (CT logs, DNS aggregators), active brute-force with smart wordlists, JS-file analysis, cloud-asset patterns, subdomain takeover hunting.…

Apr 25, 2026 · 3 min read
Red Teaming

Sock Puppet Accounts for OSINT Investigations: OPSEC and Ethics

Operational sock puppet accounts for OSINT — the OPSEC stack (browser profile, VPN, email, phone, fingerprint), believable persona building, attribution mistakes, legal/ethical…

Apr 25, 2026 · 4 min read
Red Teaming

ProxyShell: The Exchange Vulnerability That Fueled Ransomware

ProxyShell (CVE-2021-34473/34523/31207) chain — pre-auth RCE on Exchange. Why it became ransomware fuel, IoCs (webshells in Exchange directories, anomalous PowerShell remoting), patching…

Apr 25, 2026 · 2 min read
Red Teaming

Nmap for Pentesters: Beyond -sV -sC

Senior Nmap workflow — phased scanning (discovery, full TCP, service detection, vuln scripts, UDP), NSE scripts that find bugs (vulners, smb-vuln, ssl-enum-ciphers),…

Apr 25, 2026 · 3 min read
Red Teaming

Metasploit in 2026: The Practitioner Workflow

Metasploit beyond search-and-exploit — workspace management, database integration, payload customisation with msfvenom, listener management, post-exploitation modules, integration with BloodHound and modern C2.…

Apr 25, 2026 · 3 min read
Red Teaming

CVE-2024-1086 (nf_tables): Linux Kernel LPE Pattern

nf_tables use-after-free in Linux 5.14-6.6 — LPE plus container escape via user namespace. Public exploit, affected kernels, detection, and the broader kernel-CVE…

Apr 25, 2026 · 3 min read
Red Teaming

Hydra in 2026: Modern Brute-Force That Doesn’t Trip Lockouts

Modern brute-force — password spraying instead of per-user, slow-and-low timing, distributed source IPs, targeted Indian wordlists. Where it still works (internal services,…

Apr 25, 2026 · 2 min read