dtm.uk
54.36.229.177  Public Scan

Submitted URL: http://dtm.uk/
Effective URL: https://dtm.uk/
Submission: On May 01 via api from GB — Scanned from FR

Form analysis 0 forms found in the DOM

Text Content

@dtmsecurity
 * Home
 * Research & Development
 * Twitter




@DTMSECURITY


RED TEAM & ADVERSARY SIMULATION BLOG


COBALT STRIKE DNS DIRECT EGRESS NOT THAT FAR AWAY

Cobalt Strike 4.3 added a bunch of useful new DNS beacon features which allow
the behaviour to be tweaked more than before. Prior to this release the
configuration was

 * DTM

DTM 3 Mar 2021 • 2 min read


CODE EXECUTION VIA THE WINDOWS UPDATE CLIENT (WUAUCLT)

It's been a few months since my last post about uploading and downloading data
with certreq.exe as a potential alternative to certutil.exe in LOLBIN land. I've
been having

 * DTM

DTM 12 Oct 2020 • 2 min read


UPLOAD AND DOWNLOAD SMALL FILES WITH CERTREQ.EXE

I stumbled on another lesser known LOLBAS (https://lolbas-project.github.io/)
for uploading and downloading (small) files. CertReq.exe is present on Windows and
its intended use is to assist

 * DTM

DTM 7 Jul 2020 • 2 min read


EXPLORING SEARCH CONNECTORS AND LIBRARY FILES IN WINDOWS

Introduction: This short post explores the file formats .searchConnector-ms and
.library-ms. Both of these file formats have default file associations on most
Windows versions. They integrate with Windows to show content

 * DTM

DTM 17 Jun 2020 • 4 min read


SORRY YOU HAVE MISSED A PACKAGE

In Windows 10 there’s a handy way for administrators to provision systems by way
of something known as a “Provisioning Package”. This blog explores these files
which carry a

 * DTM

DTM 10 Jun 2020 • 6 min read


THE ORIGIN OF COMMAND AND CONTROL TRAFFIC

When chatting through the DNS over HTTPS based command and control technique
with defenders, something which came up in a blue team's arsenal caught my
attention. This was JA3 which is an open source project from Salesforce which
has been integrated into a lots

 * DTM

DTM 15 Feb 2019 • 3 min read


PLAYING WITH DNS OVER HTTPS (DOH)

It has been nearly a month since I spoke at Mitre ATT&CKcon and shared some
research into DNS over HTTPS (DoH) from a red team perspective. After releasing
the tool DoHC2 there have been quite a few people using it and talking

 * DTM

DTM 21 Nov 2018 • 6 min read


DNS OVER HTTPS (DOH) SERVERS

I recently conducted some research into DNS over HTTPS (DoH) that is documented
here. When it came to identifying any publicly available DoH servers available
on the Internet I found the best resource to be the curl wiki page to be the
best place

 * DTM

DTM 6 Nov 2018 • 1 min read

@dtmsecurity © 2022
For informational and educational purposes only.

"Sometimes, hacking is just someone spending more time on something than anyone
else might reasonably expect." @JGamblin