Categories

exfiltration

Data Exfiltration over SaaS (safe application enablement)

Application Firewall Bypass over DNS (iodine)

DNS Data Exfiltration (encoded subdomains)

Data Exfiltration over DNS (netcat)

Application Firewall Data Exfiltration over UDP (ptunnel)

infrastructure

Ignore sensitive files in git!

Gateway HTTP Policies

Vulnerable Node.js Application

WARP Client SSL Decryption Certificate on Linux & Container

Damn Vulnerable Web Application Infrastructure

FTP Infrastructure

SMTP, IMAP, & DNS Infrastructure

initialaccess

Web Server Compromise - light up the WAF

Web Server Compromise - Node.js Remote Command Execution

Spearphishing Deploy Malware

Web Server Compromise - Apache Struts

core

Rate Limiting

phishing

Spearphishing Deploy Malware