{"version":1,"pages":[{"id":"-LP5U88qrgBt2CVJvgAl","title":"Red Team","pathname":"/","siteSpaceId":"sitesp_BRVmG","description":""},{"id":"-LP5daRsIiLdbXTLJGrK","title":"About Vincent Yiu","pathname":"/about","siteSpaceId":"sitesp_BRVmG","description":"Get to know Vincent Yiu"},{"id":"-LP5XYPwME_x8C9WN__c","title":"Red Team Tips","pathname":"/red-team-tips","siteSpaceId":"sitesp_BRVmG","description":""},{"id":"-LP7DFsHAGTPvuFq4LWC","title":"Videos","pathname":"/videos","siteSpaceId":"sitesp_BRVmG","description":""},{"id":"-LQ3XBrZgYjEnXWn5JU2","title":"Attack Infrastructure","pathname":"/red-team/attack-infrastructure","siteSpaceId":"sitesp_BRVmG","description":"","breadcrumbs":[{"label":"Red Team"}]},{"id":"-Ma-dLjh6tFlnQEugUmV","title":"CloudFlare for IP Address Filtering","pathname":"/red-team/attack-infrastructure/cloudflare-for-ip-filtering","siteSpaceId":"sitesp_BRVmG","description":"Filter IP addresses for common security solutions","breadcrumbs":[{"label":"Red Team"},{"label":"Attack Infrastructure"}]},{"id":"-Lf5OQaJ16Ofi9EQ0av6","title":"Azure Apps for Command and Control","pathname":"/red-team/attack-infrastructure/azure-apps-for-command-and-control","siteSpaceId":"sitesp_BRVmG","description":"Azure Apps are often subject to subdomain takeovers, or you might even want to use Azure Apps for Command and Control!","breadcrumbs":[{"label":"Red Team"},{"label":"Attack Infrastructure"}]},{"id":"-LP7JcKzkN83i7jOTAGo","title":"CobaltSplunk","pathname":"/red-team/attack-infrastructure/cobaltsplunk","siteSpaceId":"sitesp_BRVmG","description":"","breadcrumbs":[{"label":"Red Team"},{"label":"Attack Infrastructure"}]},{"id":"-LQ3UxXg-Ye7hFbabQHA","title":"Backdooring PE Files","pathname":"/red-team/archived","siteSpaceId":"sitesp_BRVmG","description":"","breadcrumbs":[{"label":"Red Team"}]},{"id":"-LP7Ey11RSE8nfWFKsyz","title":"Backdoor 101","pathname":"/red-team/archived/backdoor-101","siteSpaceId":"sitesp_BRVmG","description":"","breadcrumbs":[{"label":"Red Team"},{"label":"Backdooring PE Files"}]},{"id":"-LP7FJivzG1yTeXlBShi","title":"Backdoor 102","pathname":"/red-team/archived/backdoor-102","siteSpaceId":"sitesp_BRVmG","description":"","breadcrumbs":[{"label":"Red Team"},{"label":"Backdooring PE Files"}]},{"id":"-LP7FOIksbalxLNOvaMH","title":"Backdoor 103","pathname":"/red-team/archived/backdoor-103","siteSpaceId":"sitesp_BRVmG","description":"","breadcrumbs":[{"label":"Red Team"},{"label":"Backdooring PE Files"}]},{"id":"-LQ3WVKGifJRY_gU9tmq","title":"Cloud Security","pathname":"/red-team/cloud-security","siteSpaceId":"sitesp_BRVmG","description":"","breadcrumbs":[{"label":"Red Team"}]},{"id":"-LP7HUsyFbcODqEVjUy7","title":"CloudFront Domain Hijacks under Attack","pathname":"/red-team/cloud-security/cloudfront-domain-hijacks-under-attack","siteSpaceId":"sitesp_BRVmG","description":"","breadcrumbs":[{"label":"Red Team"},{"label":"Cloud Security"}]},{"id":"-LP7Hd6SiaHSJg6LlG_4","title":"Vultr Domain Hijacking","pathname":"/red-team/cloud-security/vultr-domain-hijacking","siteSpaceId":"sitesp_BRVmG","description":"","breadcrumbs":[{"label":"Red Team"},{"label":"Cloud Security"}]},{"id":"-LP7K6kOi2PbypxLC-Zv","title":"CloudFlare for Command and Control","pathname":"/red-team/cloud-security/cloudflare-for-command-and-control","siteSpaceId":"sitesp_BRVmG","description":"","breadcrumbs":[{"label":"Red Team"},{"label":"Cloud Security"}]},{"id":"-LQ3VQAb2f33Fngc2yf_","title":"Command and Control","pathname":"/red-team/domain-fronting","siteSpaceId":"sitesp_BRVmG","description":"","breadcrumbs":[{"label":"Red Team"}]},{"id":"-Mg_TpbAhV4PpPGNNjgX","title":"TryCloudFlare Infrastructure and Domain Fronting","pathname":"/red-team/domain-fronting/trycloudflare-infrastructure-and-domain-fronting","siteSpaceId":"sitesp_BRVmG","description":"Use TryCloudFlare's free service for reverse NAT tunnels, and at the same time, domain front to hide the real identity of the server.","breadcrumbs":[{"label":"Red Team"},{"label":"Command and Control"}]},{"id":"-LcHJ8kDiboDb2ocJcj6","title":"Domain Fronting using StackPath CDN","pathname":"/red-team/domain-fronting/domain-fronting-using-stackpath-cdn","siteSpaceId":"sitesp_BRVmG","description":"A guide to setting up domain fronting, and exploring additional quirks that StackPath can provide.","breadcrumbs":[{"label":"Red Team"},{"label":"Command and Control"}]},{"id":"-LWbFO2AHJs_SpbArHzN","title":"HAMMERTHROW: Rotate my domain","pathname":"/red-team/domain-fronting/hammerthrow-rotate-my-domain","siteSpaceId":"sitesp_BRVmG","description":"HAMMERTHROW is an aggressor script for CobaltStrike that rotates your command and control domains automatically.","breadcrumbs":[{"label":"Red Team"},{"label":"Command and Control"}]},{"id":"-LP7FVEjDJiICzkGMVOc","title":"Domain Fronting via. CloudFront Alternate Domains","pathname":"/red-team/domain-fronting/domain-fronting-via.-cloudfront-alternate-domains","siteSpaceId":"sitesp_BRVmG","description":"","breadcrumbs":[{"label":"Red Team"},{"label":"Command and Control"}]},{"id":"-LP7HReZ1XWCCdn9E4v6","title":"Validated CloudFront SSL Domains","pathname":"/red-team/domain-fronting/validated-cloudfront-ssl-domains","siteSpaceId":"sitesp_BRVmG","description":"","breadcrumbs":[{"label":"Red Team"},{"label":"Command and Control"}]},{"id":"-LP7HNbxPWhDFUXrTkV6","title":"Domain Fronting: Who Am I?","pathname":"/red-team/domain-fronting/domain-fronting-who-am-i","siteSpaceId":"sitesp_BRVmG","description":"","breadcrumbs":[{"label":"Red Team"},{"label":"Command and Control"}]},{"id":"-LP7HqnvGta63PE1ubVj","title":"Host Header Manipulation","pathname":"/red-team/domain-fronting/host-header-manipulation","siteSpaceId":"sitesp_BRVmG","description":"","breadcrumbs":[{"label":"Red Team"},{"label":"Command and Control"}]},{"id":"-LP7HE9MaiWBO0DesIVz","title":"Finding Target-relevant Domain Fronts","pathname":"/red-team/domain-fronting/finding-target-relevant-domain-fronts","siteSpaceId":"sitesp_BRVmG","description":"","breadcrumbs":[{"label":"Red Team"},{"label":"Command and Control"}]},{"id":"-LP7Gp5OxVXBdoMXrF5E","title":"Alibaba CDN Domain Fronting","pathname":"/red-team/domain-fronting/alibaba-cdn-domain-fronting","siteSpaceId":"sitesp_BRVmG","description":"","breadcrumbs":[{"label":"Red Team"},{"label":"Command and Control"}]},{"id":"-LP7Fl1xbsfvLCY5iQ4O","title":"TOR Fronting — Utilising Hidden Services to Hide Attack Infrastructure","pathname":"/red-team/domain-fronting/tor-fronting-utilising-hidden-services-to-hide-attack-infrastructure","siteSpaceId":"sitesp_BRVmG","description":"","breadcrumbs":[{"label":"Red Team"},{"label":"Command and Control"}]},{"id":"-LQ3Vn7r1FyDzQ3dIXNv","title":"General Exploitation","pathname":"/red-team/cve-exploitation","siteSpaceId":"sitesp_BRVmG","description":"","breadcrumbs":[{"label":"Red Team"}]},{"id":"-LP7GBX62DBDDMqT242t","title":"Payload Generation with CACTUSTORCH","pathname":"/red-team/cve-exploitation/payload-generation-with-cactustorch","siteSpaceId":"sitesp_BRVmG","description":"","breadcrumbs":[{"label":"Red Team"},{"label":"General Exploitation"}]},{"id":"-LP7GfWOdMkkHmIlLUEf","title":"Exploiting CVE-2017–8759: SOAP WSDL Parser Code Injection","pathname":"/red-team/cve-exploitation/exploiting-cve-2017-8759-soap-wsdl-parser-code-injection","siteSpaceId":"sitesp_BRVmG","description":"","breadcrumbs":[{"label":"Red Team"},{"label":"General Exploitation"}]},{"id":"-LP7G1QJSjq8NrdTdYCe","title":"Exploiting CVE-2017–0199: HTA Handler Vulnerability","pathname":"/red-team/cve-exploitation/exploiting-cve-2017-0199-hta-handler-vulnerability","siteSpaceId":"sitesp_BRVmG","description":"","breadcrumbs":[{"label":"Red Team"},{"label":"General Exploitation"}]},{"id":"-LP7KJS7FFQl9NzpHNVt","title":"F# Shellcode Execution","pathname":"/red-team/cve-exploitation/f-shellcode-execution","siteSpaceId":"sitesp_BRVmG","description":"","breadcrumbs":[{"label":"Red Team"},{"label":"General Exploitation"}]},{"id":"-LP5XvKM9RqDvIJegeOD","title":"Bypassing Gmail Attachment Virus Check","pathname":"/red-team/cve-exploitation/untitled","siteSpaceId":"sitesp_BRVmG","description":"Bypass Gmail's Attachment Virus Check for PowerShell Macros","breadcrumbs":[{"label":"Red Team"},{"label":"General Exploitation"}]},{"id":"-LP7JpY2C1cLP6JAAEBb","title":"IPFuscation","pathname":"/red-team/cve-exploitation/ipfuscation","siteSpaceId":"sitesp_BRVmG","description":"","breadcrumbs":[{"label":"Red Team"},{"label":"General Exploitation"}]},{"id":"-LQ3WFulQeyb6z6MrD7t","title":"Hardware and Gadgets","pathname":"/red-team/hardware-and-gadgets","siteSpaceId":"sitesp_BRVmG","description":"","breadcrumbs":[{"label":"Red Team"}]},{"id":"-LP7KsEsOk_diSSMxrOQ","title":"USBNinja","pathname":"/red-team/hardware-and-gadgets/usbninja","siteSpaceId":"sitesp_BRVmG","description":"","breadcrumbs":[{"label":"Red Team"},{"label":"Hardware and Gadgets"}]},{"id":"-LP7KNTzAuJDHUBbwgIN","title":"Aorus Gaming Box for Password Cracking","pathname":"/red-team/hardware-and-gadgets/aorus-gaming-box-for-password-cracking","siteSpaceId":"sitesp_BRVmG","description":"","breadcrumbs":[{"label":"Red Team"},{"label":"Hardware and Gadgets"}]},{"id":"-LP7KipM1Ynwx47cXn-r","title":"Proxmark Adventures 101","pathname":"/red-team/hardware-and-gadgets/proxmark-adventures-101","siteSpaceId":"sitesp_BRVmG","description":"","breadcrumbs":[{"label":"Red Team"},{"label":"Hardware and Gadgets"}]},{"id":"-LP5Y4_rwYc-s4PWjmjU","title":"Poor man’s guide to Raspberry Pi initial installation","pathname":"/red-team/hardware-and-gadgets/untitled-1","siteSpaceId":"sitesp_BRVmG","description":"Install Raspberry Pi without a monitor","breadcrumbs":[{"label":"Red Team"},{"label":"Hardware and Gadgets"}]},{"id":"-LQ3WlSoSVBum-HuSTlm","title":"Post Exploitation","pathname":"/red-team/post-exploitation","siteSpaceId":"sitesp_BRVmG","description":"","breadcrumbs":[{"label":"Red Team"}]},{"id":"-LP7GMWuFT984bjIbmmP","title":"Introducing ANGRYPUPPY","pathname":"/red-team/post-exploitation/introducing-angrypuppy","siteSpaceId":"sitesp_BRVmG","description":"","breadcrumbs":[{"label":"Red Team"},{"label":"Post Exploitation"}]},{"id":"-LP7G7CX4yShmxpM1jKh","title":"RDPInception","pathname":"/red-team/post-exploitation/rdpinception","siteSpaceId":"sitesp_BRVmG","description":"","breadcrumbs":[{"label":"Red Team"},{"label":"Post Exploitation"}]},{"id":"-LP7FCHraRffIAe-IXlR","title":"VLAN Attacks","pathname":"/red-team/post-exploitation/vlan-attacks","siteSpaceId":"sitesp_BRVmG","description":"Quick reference to attacking VLANs","breadcrumbs":[{"label":"Red Team"},{"label":"Post Exploitation"}]},{"id":"-LQ3X-XncHEgDiLSPpyH","title":"Reconaissance","pathname":"/red-team/reconaissance","siteSpaceId":"sitesp_BRVmG","description":"","breadcrumbs":[{"label":"Red Team"}]},{"id":"-LP7GWPyrBKRwqnCQ8kM","title":"Reconnaissance using LinkedInt","pathname":"/red-team/reconaissance/reconnaissance-using-linkedint","siteSpaceId":"sitesp_BRVmG","description":"","breadcrumbs":[{"label":"Red Team"},{"label":"Reconaissance"}]},{"id":"-LP7HYMv6wq8PkmXDZGK","title":"DomLink — Automating domain discovery","pathname":"/red-team/reconaissance/domlink-automating-domain-discovery","siteSpaceId":"sitesp_BRVmG","description":"","breadcrumbs":[{"label":"Red Team"},{"label":"Reconaissance"}]},{"id":"-LP7JVlHBBJ300rbq9B4","title":"OffensiveSplunk vs. Grep","pathname":"/red-team/reconaissance/offensivesplunk-vs.-grep","siteSpaceId":"sitesp_BRVmG","description":"","breadcrumbs":[{"label":"Red Team"},{"label":"Reconaissance"}]},{"id":"-LQ3XJHv1paAwmucaysq","title":"Misc","pathname":"/red-team/misc","siteSpaceId":"sitesp_BRVmG","description":"","breadcrumbs":[{"label":"Red Team"}]},{"id":"-LP7GcDl-3TGYiMvDMYk","title":"Under the wire: Trebek — Walkthrough","pathname":"/red-team/misc/under-the-wire-trebek-walkthrough","siteSpaceId":"sitesp_BRVmG","description":"","breadcrumbs":[{"label":"Red Team"},{"label":"Misc"}]}]}