The Blue Team Briefing

The Blue Team Briefing

Each week I curate a newsletter containing detections for the latest threats, get it now and save hours of research!

Featured articles

Hack the Box Lame Write-up

Hack the Box Lame Write-up

Using Att&ck and Atomic Red Team to Detect MSBuild Abuse (Part 2)

Using Att&ck and Atomic Red Team to Detect MSBuild Abuse (Part 2)

Using Att&ck and Atomic Red Team to Detect MSBuild Abuse (Part 1)

Using Att&ck and Atomic Red Team to Detect MSBuild Abuse (Part 1)

Sep

25

Hack the Box Beep Write-up

Hack the Box Beep Write-up

Continuing the "OSCP-like" boxes series with Beep from Hack the Box. Overview Beep is another CVE based machine

Sep 25, 2021

3 min read

Sep

25

Hack the Box Legacy Write-up

Hack the Box Legacy Write-up

Welcome to the next in this series of write-ups of "OSCP-like" boxes. This time we will be attacking

Sep 25, 2021

2 min read

Sep

25

Hack the Box Lame Write-up

Hack the Box Lame Write-up

Welcome to the first in this series of write-ups of "OSCP-like" boxes as inspired by TJNull's great article

Sep 25, 2021

5 min read

Sep

25

Using Att&ck and Atomic Red Team to Detect MSBuild Abuse (Part 2)

Using Att&ck and Atomic Red Team to Detect MSBuild Abuse (Part 2)

Following on from part 1 where we used Mitre Att&ck and Atomic Red Team to perform our attack

Sep 25, 2021

5 min read

Sep

25

Using Att&ck and Atomic Red Team to Detect MSBuild Abuse (Part 1)

Using Att&ck and Atomic Red Team to Detect MSBuild Abuse (Part 1)

Creating SIEM use cases for any organisation can be a daunting task. The increasing number of advanced (and not so

Sep 25, 2021

8 min read

Sep

25

A Blue Team Blog

A Blue Team Blog

Welcome and thanks for taking the time to visit. I've been toying with the idea of setting up a small

Sep 25, 2021

2 min read