Vincent Yiu
linkedin
github
@vysecurity
Search…
Red Team
About Vincent Yiu
Red Team Tips
Videos
Red Team
Attack Infrastructure
Backdooring PE Files
Cloud Security
Command and Control
General Exploitation
Hardware and Gadgets
Post Exploitation
Reconaissance
Misc
Powered By
GitBook
Videos
This area contains a list of videos I've created on YouTube to help educate and inspire more cyber thinking!
USBNinja (Old name: USBHarpoon) - A BadUSB Cable Implementation
https://www.youtube.com/watch?v=6mDspyi5ROw
USBNinja - BT Edition Revealed
https://www.youtube.com/watch?v=UhBK-M2iXwA
https://www.bleepingcomputer.com/news/security/usbharpoon-is-a-badusb-attack-with-a-twist/
DomLink - Horizontal domain enumeration:
https://www.youtube.com/watch?v=iHlru5OyAbc
The Stageless LNK:
https://www.youtube.com/watch?v=7v21y21dleA
Alibaba CDN Domain Fronting:
https://www.youtube.com/watch?v=01XwImjQYZs
CVE-2018-4878 Aggressor Script:
https://www.youtube.com/watch?v=JhUlOIEdq0s
CVE-2018-4878 - SWF IE Driveby:
https://www.youtube.com/watch?v=erHQzMIRiq0
CVE-2017-8747 - SWF Exploit:
https://www.youtube.com/watch?v=IGIgI21HM4U
Fronting Through Asia - Alibaba CDN:
https://www.youtube.com/watch?v=IK-mJ-HmQJ8
CVE-2017-8759 - Weaponisation Tutorial:
https://www.youtube.com/watch?v=hlkx5uYBT1Y
CVE-2017-8759 - RTF WSDL SOAP Parser Vulnerability 1-day:
https://www.youtube.com/watch?v=nHXKnTTtWk8
MorphHTA:
https://www.youtube.com/watch?v=X4S2aQ4o_jA
Token Pivoting? High Integrity Level - SYSTEM -> TrustedInstaller:
https://www.youtube.com/watch?v=ytZ22kvuhrQ
ANGRYPUPPY - BloodHound Attack Automation in CobaltStrike:
https://www.youtube.com/watch?v=yxQ8Q8itZao
BLUEBATTERY - Internet Explorer Enumeration and Manipulation:
https://www.youtube.com/watch?v=qlTXfZeaiVI
LinkedInt - An automated LinkedIn scraper with e-mail format prediction:
https://www.youtube.com/watch?v=7d-CAVhSHY0
CACTUSTORCH - CobaltStrike Aggressor Script:
https://www.youtube.com/watch?v=_pwH6a-6yAQ
CACTUSTORCH - DotNetToJScript all the things:
https://www.youtube.com/watch?v=YiaKb8nHFSY
StarFighters - Run PowerShell without PowerShell within JS and VBS:
https://www.youtube.com/watch?v=axBf-4oxOds
RDPInception - The Dangers of TSCLIENT:
https://www.youtube.com/watch?v=uLFBpdjrXx0
TOR Fronting - Utilising Hidden Services for Privacy:
https://www.youtube.com/watch?v=OARw7yg0Ypc
TOR Fronting - Utilising Hidden Services for Privacy:
https://www.youtube.com/watch?v=I3ovfrqcF0I
Domain Fronting - Sophos Web Security Categorization:
https://www.youtube.com/watch?v=0imkl8K4gvY
Abusing Domain Fronting on Amazon CloudFront:
https://www.youtube.com/watch?v=zSBnM2HcRTw
Paladins - EAC Bypass:
https://www.youtube.com/watch?v=LYw6koxkIdw
DPRK Malleable Profile (Just for lols):
https://www.youtube.com/watch?v=biodnXcvDvE
Cobalt Strike CNA - Eventvwr UAC Bypass:
https://www.youtube.com/watch?v=ULIYnrPhgns
Office Template VDI Persistence:
https://www.youtube.com/watch?v=Dkr2aBXpiM0
Trusted Location Application Whitelist Bypass and Persistence for VDI:
https://www.youtube.com/watch?v=gGQ_yxRtfI0
WePWNise Introduction:
https://www.youtube.com/watch?v=trDr3cZRWSA
Previous
Red Team Tips
Next - Red Team
Attack Infrastructure
Last modified
3yr ago
Copy link