
War Room

Shells from above


Bryan

Email Controls: Implementing DKIM with Postfix

February 14, 2019 By Bryan

Previously on the War Room, we discussed some basic mail control implementations. Specifically, we looked at simple text records that can be posted to determine what is allowed to send on behalf of the domain. SPF records and DMARC records, when properly configured, can help reduce the chances of someone being able to spoof the domain in a phishing attack. So the next thing we ... READ MORE

Spam Filter Evasion With King Phisher

January 7, 2019 By Bryan

It's no secret that phishing is the top attack vector when it comes to external compromise. So when it comes to penetration testing, this is a vector that we cannot ignore. However, as consultants, we are interacting with different clients and environments almost every week. Much like endpoint protection, there are a multitude of different spam filters and protection controls ... READ MORE

The Basics: SPF and DMARC Records

November 26, 2018 By Bryan

It is no secret that one of the major attack vectors is phishing. While some of the success of this is due to a lack of user education and awareness, the other side of the coin is missing basic controls. There is no shortage of enterprise-level phishing controls out there, Mimecast and Proofpoint for example. However, these are not silver bullets when it comes to protecting ... READ MORE

Fire and Forget: Meterpreter Automation

February 20, 2018 By Bryan

Throughout the past year I have been conducting routine phishing assessments for a client. For their final test of the year, our point of contact wanted something consequential for those who fell for this phish... Something 'kinetic' if you will. They requested a 'Blue Screen of Death' approach, to which I ultimately opted for a less potentially destructive method. I would send ... READ MORE

All In One OSINT

June 16, 2017 By Bryan

If we've said it once, we've said it a thousand times: OSINT is an attacker's best friend. There are a plethora of tools out there that we use every day as pentesters to accomplish our tasks. For those of you who are starting out in the field, or are hobbyists, you probably have a virtual machine with Kali Linux installed. Kali is a great pentesting tool, the best part about it is it ... READ MORE

Do it Live! – Social Engineering Training

March 24, 2017 By Bryan

Social engineering is one of the most utilized attack vectors in real-world breaches. These come in the form of phishing, vishing, device drops, and even in person. A lot of research and prep time comes into play with social engineering, as we have to know the target, the objective, the environment, and most importantly ourselves. Prior to security, I performed in theatre for ... READ MORE

Building a Convincing USB Drop

November 8, 2016 By Bryan

One of my favorite attack vectors is the USB drop. At RSM, our two go-to drops are the Rubber Ducky and backdoored executable files on a normal USB flash drive. We will typically load a Ducky with an Empire script which executes a PowerShell one-liner when plugged into a victim machine. The executable-loaded drives require the victim to mount and open the USB drive and then ... READ MORE

Download Now: Malicious Android Apps

August 8, 2016 By Bryan

In the modern world, almost every one of us has a mobile device in our pockets. Whether through Android, iOS, or even Windows, we have something that directly connects our lives to the internet. From texting to banking, smart phones can do it all. For better or worse, this means they are ripe for the picking in terms of an attack vector. Also according to the global market ... READ MORE

Intro to OSINT

April 1, 2016 By Bryan

*All images in this post were found using publicly available sources and should be used for educational purposes only. One of the best things in the IT community is Open Source Software. Open source software is something where a company develops a piece of software and then makes the source code publicly available, allowing anyone to look at and manipulate the code. This has ... READ MORE


Copyright © 2023 RSM US LLP. All rights reserved. RSM US LLP is a limited liability partnership and the U.S. member firm of RSM International, a global network of independent audit, tax and consulting firms. The member firms of RSM International collaborate to provide services to global clients, but are separate and distinct legal entities that cannot obligate each other. Each member firm is responsible only for its own acts and omissions, and not those of any other party. Visit for more information regarding RSM US LLP and RSM International.