SensePost | Blog

P4wnP1 LTE updates

Reading time: ~11 min

Posted by Rogan Dawes on 27 October 2023

Categories: Hardware, Physical threats, Redteam

After publishing my blog post about running P4wnP1 on an LTE modem, where I explained how to install Linux and...

Reading time: ~13 min

Posted by aurelien.chalot@orangecyberdefense.com on 10 July 2023

Categories: Browser, Cache, Redteam, Smuggling

On red team engagements, I often use social engineering to get one of my client’s employees to run my malicious...

Reading time: ~12 min

Posted by Rogan Dawes on 09 July 2023

Categories: Hardware, Physical threats, Redteam

I’ve written a couple of blog posts in the past in which I explain how to use Marcus Mengs’ truly...

Reading time: ~34 min

Posted by aurelien.chalot@orangecyberdefense.com on 27 October 2022

Categories: Authentication, Internals, Redteam, Token, Windows

During an internal assessment, I performed an NTLM relay and ended up owning the NT AUTHORITY\SYSTEM account of the Windows...

Reading time: ~5 min

Posted by Rogan Dawes on 20 July 2020

Categories: Networking, Redteam

When conducting a red team exercise, we want to blend in as much as possible with the existing systems on...

Reading time: ~18 min

Posted by Rogan Dawes on 09 July 2020

Categories: Hardware, Networking, Redteam, Training

In part 1 of this series, we set up the NanoPi R1S as a USB attack tool, covering OS installation,...

Reading time: ~11 min

Posted by Rogan Dawes on 18 May 2020

Categories: Hardware, Redteam, Training, Usb

As part of our preparations for our upcoming RingZer0 “Q Division” Training, I have been working on making a software...

Reading time: ~11 min

Posted by Rogan Dawes on 02 December 2019

Categories: Internal, Radio, Real-world, Redteam, Rf, Shells, Usb

In this post, I will recap some of the security research conducted on wireless keyboards and mice, and eventually show...