Vincent Yiu
linkedin
github
@vysecurity
Search…
Red Team
About Vincent Yiu
Red Team Tips
Videos
Red Team
Attack Infrastructure
Backdooring PE Files
Cloud Security
Command and Control
General Exploitation
Hardware and Gadgets
Post Exploitation
Reconaissance
Misc
Powered By
GitBook
Videos
This area contains a list of videos I've created on YouTube to help educate and inspire more cyber thinking!
USBNinja (Old name: USBHarpoon) - A BadUSB Cable Implementation
​
https://www.youtube.com/watch?v=6mDspyi5ROw
​
USBNinja - BT Edition Revealed
​
https://www.youtube.com/watch?v=UhBK-M2iXwA
​
​
https://www.bleepingcomputer.com/news/security/usbharpoon-is-a-badusb-attack-with-a-twist/
​
DomLink - Horizontal domain enumeration:
​
https://www.youtube.com/watch?v=iHlru5OyAbc
​
The Stageless LNK:
​
https://www.youtube.com/watch?v=7v21y21dleA
​
Alibaba CDN Domain Fronting:
​
https://www.youtube.com/watch?v=01XwImjQYZs
​
CVE-2018-4878 Aggressor Script:
​
https://www.youtube.com/watch?v=JhUlOIEdq0s
​
CVE-2018-4878 - SWF IE Driveby:
​
https://www.youtube.com/watch?v=erHQzMIRiq0
​
CVE-2017-8747 - SWF Exploit:
​
https://www.youtube.com/watch?v=IGIgI21HM4U
​
Fronting Through Asia - Alibaba CDN:
​
https://www.youtube.com/watch?v=IK-mJ-HmQJ8
​
CVE-2017-8759 - Weaponisation Tutorial:
​
https://www.youtube.com/watch?v=hlkx5uYBT1Y
​
CVE-2017-8759 - RTF WSDL SOAP Parser Vulnerability 1-day:
​
https://www.youtube.com/watch?v=nHXKnTTtWk8
​
MorphHTA:
​
https://www.youtube.com/watch?v=X4S2aQ4o_jA
​
Token Pivoting? High Integrity Level - SYSTEM -> TrustedInstaller:
​
https://www.youtube.com/watch?v=ytZ22kvuhrQ
​
ANGRYPUPPY - BloodHound Attack Automation in CobaltStrike:
​
https://www.youtube.com/watch?v=yxQ8Q8itZao
​
BLUEBATTERY - Internet Explorer Enumeration and Manipulation:
​
https://www.youtube.com/watch?v=qlTXfZeaiVI
​
LinkedInt - An automated LinkedIn scraper with e-mail format prediction:
​
https://www.youtube.com/watch?v=7d-CAVhSHY0
​
CACTUSTORCH - CobaltStrike Aggressor Script:
​
https://www.youtube.com/watch?v=_pwH6a-6yAQ
​
CACTUSTORCH - DotNetToJScript all the things:
​
https://www.youtube.com/watch?v=YiaKb8nHFSY
​
StarFighters - Run PowerShell without PowerShell within JS and VBS:
​
https://www.youtube.com/watch?v=axBf-4oxOds
​
RDPInception - The Dangers of TSCLIENT:
​
https://www.youtube.com/watch?v=uLFBpdjrXx0
​
TOR Fronting - Utilising Hidden Services for Privacy:
​
https://www.youtube.com/watch?v=OARw7yg0Ypc
​
TOR Fronting - Utilising Hidden Services for Privacy:
​
https://www.youtube.com/watch?v=I3ovfrqcF0I
​
Domain Fronting - Sophos Web Security Categorization:
​
https://www.youtube.com/watch?v=0imkl8K4gvY
​
Abusing Domain Fronting on Amazon CloudFront:
​
https://www.youtube.com/watch?v=zSBnM2HcRTw
​
Paladins - EAC Bypass:
​
https://www.youtube.com/watch?v=LYw6koxkIdw
​
DPRK Malleable Profile (Just for lols):
​
https://www.youtube.com/watch?v=biodnXcvDvE
​
Cobalt Strike CNA - Eventvwr UAC Bypass:
​
https://www.youtube.com/watch?v=ULIYnrPhgns
​
Office Template VDI Persistence:
​
https://www.youtube.com/watch?v=Dkr2aBXpiM0
​
Trusted Location Application Whitelist Bypass and Persistence for VDI:
​
https://www.youtube.com/watch?v=gGQ_yxRtfI0
​
WePWNise Introduction:
​
https://www.youtube.com/watch?v=trDr3cZRWSA
​
Previous
Red Team Tips
Next - Red Team
Attack Infrastructure
Last modified
3yr ago
Copy link