two06

Redteamer, hacker, researcher

Reading Windows Sticky Notes

Sticky Notes has been part of Windows since at least Windows 7. For those who aren’t familiar with it, Sticky Notes allows the user to add a quick n..


Software Development Principals for Offensive Developers - Part 2 (Adapters)

In part 1 of this series, we introduced the concept of interfaces and single object responsibility by starting to design a rudimentary implant. In t..


Software Development Principals for Offensive Developers - Part 1 (Fundamentals)

Offensive security professionals are spending more time writing code. While the industry has seen a steady move towards adopting dev-ops practices s..


AMSI as a Service - Automating AV Evasion

AMSI, the “AntiMalware Scan Interface”, has been around for some time. In a broad sense, it’s a component of Windows 10 which allows applications to..


Building Tooling With GitHub Actions

Earlier this year, XPN posted a blog about using Azure DevOps. With the up-coming release of GitHub Actions, I thought now would be a good time to l..


Persistence with KeePass - Part 2

In part 1 we saw how we can use KeePass to gain persistent access to a compromised system. The technique shown in part 1 required (in most cases) lo..


Persistence with KeePass - Part 1

In this post we are going to look at a method of gaining persistence using KeePass. This approach requires permissions to write to wherever KeePass ..


Stealing KeePass Credentials With Frida

In this post, we’re going to take a quick look at Frida and use it to steal credentials from KeePass.According to their website, Frida is a “dynamic..