Init1Security

A new tool in our arsenal: DotBlind, a Python script that applies sandbox evasion, anti-debug techniques, AES and XOR encryption to compiled .NET binaries for evasion, it's looking very promising, testing with execute-assembly should be a big win, currently dropping to disk and executing is functional. 🫡 #redteam

@bohops As always all the cool talks are outside the U.S., jk,jk. Congrats super interesting topic as always!

COM is a gift that keeps on giving.. yet another relic of the Windows OS that is unlikely to go away in the near future.

Living in-memory? Need to run great tools for enumeration, exploitation, persistence, and privilege escalation? SharpCollection has you covered. github.com/Flangvik/Sharp… #redteam

Built an evasive CS RL with Crystal Palace that bypasses Elastic EDR. The evasion lives inside the blob. Not in how it got there. Blog: lorenzomeacci.com/bypassing-edr-… Source: github.com/kapla0011/Kapl…

Using Crystal Palace and AdaptixC2 maorsabag.github.io/posts/adaptix-…

Excited to deliver our first Red Team workshop in Spanish for Mexico! This course is customized to provide a solid understanding of Red Teaming and to train offline LLMs for Red Team operations, while still working with C2 and following the attack chain: Initial Access techniques, Persistence, Privilege Escalation, and more!. 🇲🇽 #redteam

@_RastaMouse I went all in, working on Kali Linux 😄

I'm going to legit try and make the jump to Linux as my daily driver. Wish me luck, fam.

@wire_catt Hey still really great tips 😄

@init1security > OPSEC > 8 years ago

227 tips dedicated to red teaming, OPSEC, infrastructure, payloads, etc. github.com/vysecurity/Red…

Tokens are incredibly powerful in terms of scope and access. Get the correct one and your access becomes extraordinary. With ANIMO, we try to automate this and use a seamless approach so users can easily obtain and use these tokens. #redteam

Experimented with using WIM files as containers. Normally DISM requires admin privileges to extract them, but you can decompress a WIM byte-by-byte in C#/PowerShell by copying the correct offsets (7-Zip can create the WIM). No admin, no DISM, no wimgapi.dll just PowerShell. Even kept the ADS stream of an LNK payload that extracts and executes via a LOLBIN. #redteam

Creative ideas, all the way!!

This is great the tool seems stable, and we're diving into its latest updates. Then we're releasing ANIMO to the public: a full Azure "C2" that supports multiple known Azure techniques, ranging from Initial Access to Data exfiltration. Really excited!! #redteam

@KernelDBG Absolutely, it’s the capabilities we take into consideration to get around EDR/AV. The interesting bit is the JScript and VBScript 🫡

@init1security chm is a monitored extension for all DERs

Years ago, we used older macro-enabled techniques such as EarlyAPC and NtMapViewOfSection in our macros, but we have since fully transitioned to more "obscure" extensions and successfully applied them to CHM files. The Initial Access Framework has come along way!! #redteam

After 3+ years in development, the Initial Access Framework (Ashley) is now targeting macOS and Linux extensions in the future. It's building up nicely!! #redteam

In the red team space, there have been manifestos and "how-to" guides for hacking. @dmcxblue has released three guides to learn and practice hacking legally: #redteam dmcxblue.net/2025/08/23/how… dmcxblue.net/2024/05/15/how… dmcxblue.net/2023/09/19/how…

Raphael Mudge, the creator of Cobalt Strike, gave a free course on Red Team concepts and using Cobalt Strike a great resource for anyone working with C2. #redteam youtube.com/watch?v=i6tsLW…

Yo, a new Blog Post about Bypass All Sec Control in windows like (win def,applocker,WDAC,SmartScreen,ASR,PPL,Sysmon,Edrs) 0xdbgman.github.io/posts/sec-cont… #EDRS #Bypass #PPL #WDAC #Redteam #windowsDefender #ASR #Sysmon