Security is full of hidden features

In an attempt to start contributing back to the security community, I am starting a new blog series about Red Teaming for and with Macs. Macs seem to be more and more popular, but most red teaming blogs are exclusively Windows based. In conjunction with these blog posts, I will be releasing tools to help red teamers on Macs.

Blog Series

Series #1:
  • Active Directory Discovery
    Basics of Active Directory discovery with JXA, command-line tools, and wrapped in Orchard
  • Active Directory Discovery - Now with more Objective
    Delving deeper into the Objective C bridge in JXA to query Active Directory via APIs

Series #2:
  • Creating an Apfell - Part 1 - Sanic
    Creating a basic RESTful, asynchronous, python web server
  • Creating an Apfell - Part 2 - peewee, peewee-async
    Connecting to a Postgres database, ORMs, and event loops
  • Creating an Apfell - Part 3 - Jinja2, Twitter Bootstrap
    User interface HTML templating with Jinja2 and new UI elements with Twitter Bootstrap
  • Creating an Apfell - Part 4 - LISTEN/NOTIFY, Websockets
    Asynchronous notifications from a Postgres database, websockets (both in Sanic and JavaScript)
  • Creating an Apfell - Part 5 - Vue
    Dynamic real-time page updates with Vue
  • Creating an Apfell - Part 6 - Sanic-auth, Sanic-wtf
    User authentication with sanic-auth, and form submissions with sanic-wtf
  • Bare-Bones Apfell server code release
    Initial release of a bare-bones server incorporating all of the above elements for expansion
  • Current frameworks: the upsides, the downsides, and my ideal
    A brief walkthrough of common red teaming frameworks and why I decided to learn how to create my own

Series #3:
  • Beginning the operational tracking
    An initial walkthrough of some updates and the beginnings of tracking operations - Payloads and Callbacks
  • C2 Profile Management
    C2 Profile creation and tracking, now with more analytics and management

Series #4:
  • Creating a RAT - Part 1 - What is basic functionality
    A walkthrough of the first release of apfell-jxa to discuss what is required for a basic RAT
  • Creating a RAT - Part 2 - Upping the game, securing your comms
    Adding encryption, authentication, and detection checks to your basic RAT
  • Creating a RAT - Part 3 - Updating configurations
    How to update configurations on the fly, including swapping out C2 mechanisms and loading code in JXA

External Posting:

  • Orchard - A JavaScript for Automation (JXA) Active Directory enumeration tool.
  • Apfell - A macOS, post-exploit framework for red teaming
    • apfell-jxa - A JXA implant for use with the Apfell framework.
  • HealthInspector - A JXA script to do situational awareness without spawning new shell commands
  • KeytabParser - A python script to parse macOS’ Heimdal Keytab files and display the associated keys

For the Network is Dark and Full of Terrors

This is just a blog for personal coding projects, blog posts, and other interesting things that relate to red teaming, pen testing, CTFs, etc. By hosting it here, I can easily reference other GitHub repositories and gists.