At FalconForce, we like to understand the tools that we work with.

Time flies when you’re a Falcon! It’s been more than a month since I joined the FalconForce crew, and I didn’t find any time to introduce myself.

On January 28th, Christophe Tafani-Dereeper released the open source Stratus Red team attack simulation tool.

TL;DR for blue teams: Attackers use named pipes to conveniently move laterally and mostly bypass detection.

In this blog we will explore the possibilities to use Microsoft Sentinel to monitor a Windows environment for the creation of public SMB shares.

During red teaming engagements we often encounter database credentials in, for example, database scripts.