πŸ““
πŸ““
πŸ““
πŸ““
Red Team Notes 2.0
Search…
πŸ““
πŸ““
πŸ““
πŸ““
Red Team Notes 2.0
Introduction
Red Team
Red Team Techniques
Initial Access
Execution
Persistence
Privilege Escalation
Defense Evasion
Credential Access
Discovery
Lateral Movement
Active Directory
Active Directory
Active Directory Attacks
Red Team Infrastructure
RED TEAM INFRASTRUCTURE
Domain Name and Categorization
Reconnaissance
Weaponization
Delivery
Situational Awareness
Covenant and C#
Empire and PowerShell
Credential Dumping
Persistence
Defense Evasion
Privilege Escalation
Lateral Movement
Powered By GitBook
Covenant and C#
A demonstration of this would be using a few tools made in C-Sharp that are great to gather multiple information in a single step, these are some of the common things to be looking for to proceed to our next steps Seatbelt has packed the most common methods and the information considered important and valuable. Seatbelt has 3 groups that are valuable in the information gathering phase which should be run in different levels of permissions as some users can see more than others.
Covenant has a great built-in command already in its Tasks functions.
I will be demonstrating a few tools that are built-in Covenant and other methods related to the usage of C# tools via a C2 these can as well be placed on the Disk of the workstation and run normally as a binary on the console CMD & Powershell
Covenant
Seatbelt -group=system
Now Covenant accepts C# binaries to execute them in memory such as Cobalt Strikes famous execute-assembly method this is a great method to avoid our tool dropping onto the disk and leaving a footprint this task is called Assembly in Covenant will simply run this, select our binary and add any parameters
Choose the binary
The first box gives the assembly a name and the second the parameters, when this is added we can execute
Execution
This method is perfect since the seatbelt version from Covenant to our binary is different, unfortunately, Covenant hasn't received an update for a while so the built-in tools are a little outdated, but with this method, we can call our own C# tools current up to date.
Domain Enumeration
One of the things to keep in mind is that most C2 currently have their methods for enumerating the Domain Network of an environment for example Covenant has built-in commands that act like PowerView which can take parameters as well, depending on the tool and acceptable parameters for this.
Get-DomainComputers
Get-DomainUsers
Specific User (parameter demonstration)
Get-Processes
GetLocalGroup Information
LoggedOnUsers
To finish of this I just wanted to demonstrate the usage of Covenant and the works of using C# binaries and how they are great for automating a few information gathering techniques, this those not remove the fact of verifying things manually it's just a great way to gather plenty of information needed for our next actions
Previous
Situational Awareness
Next
Empire and PowerShell
Last modified 5mo ago
Copy link