Archive - 2xxe

Automating Purple Team Execution with Mythic and Apollo

https://sra.io/blog/automating-purple-team-execution-with-mythic-and-apollo/

Oct 21

August 2025

Enhancing Purple Team Testing with ALLCAPS: A Capability-Based Approach to Execution

https://sra.io/blog/enhancing-purple-team-testing-with-allcaps-a-capability-based-approach-to-execution/

Aug 27

May 2025

Developing Purple Team Attack Plans from Threat Intelligence

https://sra.io/blog/developing-purple-team-attack-plans-from-threat-intelligence/

May 13

Limiting WMI Lateral Movement via DCOM Permissions

https://sra.io/blog/limiting-wmi-lateral-movement-via-dcom-permissions/

May 13

July 2024

An Overview of Deputies in AWS

https://sra.io/blog/an-overview-of-deputies-in-aws/

Jul 11, 2024

March 2024

Market Maker Public Release

https://sra.io/blog/market-maker-public-release/

Mar 18, 2024

PDCD: Orchestrating Payload Generation

https://sra.io/blog/pdcd-orchestrating-payload-generation/

Mar 18, 2024

Timberlake: AWS Attack Automation

https://sra.io/blog/timberlake-aws-attack-automation/

Mar 18, 2024

June 2022

Misc: LAPS Password Retrieval Logs via DS Access

LAPS password retrieval activity can be logged via directory service advanced auditing, specifically event ID 4662, after configuring the appropriate…

Jun 30, 2022

May 2022

Automated Detection Rule Analysis with Dredd

https://sra.io/blog/automated-detection-rule-analysis-with-dredd/

May 5, 2022

Selective Kerberoast Prevention using DACLs

https://sra.io/blog/selective-kerberoast-prevention-using-dacls/

May 5, 2022

June 2019

Attacking Apache Karaf

imported from https://2xxe.com/posts/6/

Jun 7, 2019

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts