Credential found via responder Undetected C2 Channel Falls for sysvol canary Privesc Unblocked LOLBAS Rickrolled by antiresponder Pentest happens while BT at defcon DA obtained Undetected until DA (Austin eats his shoe) Falls for file share honeypot BYOVD (uncaught) PT asks to disable TL Banned within 1 hour of test CS zeroday :( Custom KQL catches recon Identify attacker infrastructure Pentester doxed (hi trevor) TL blocked TL zeroday :) CS fails to fix CMD bug b4 test Austin reverses payload Damnit Macros Dev PC pwn User cred in file share Credential found via responder Undetected C2 Channel Falls for sysvol canary Privesc Unblocked LOLBAS Rickrolled by antiresponder Pentest happens while BT at defcon DA obtained Undetected until DA (Austin eats his shoe) Falls for file share honeypot BYOVD (uncaught) PT asks to disable TL Banned within 1 hour of test CS zeroday :( Custom KQL catches recon Identify attacker infrastructure Pentester doxed (hi trevor) TL blocked TL zeroday :) CS fails to fix CMD bug b4 test Austin reverses payload Damnit Macros Dev PC pwn User cred in file share
(Print)
Credential found via responder
Undetected C2 Channel
Falls for sysvol canary
Privesc
Unblocked LOLBAS
Rickrolled by antiresponder
Pentest happens while BT at defcon
DA obtained
Undetected until DA (Austin eats his shoe)
Falls for file share honeypot
BYOVD (uncaught)
PT asks to disable TL
Banned within 1 hour of test
CS zeroday :(
Custom KQL catches recon
Identify attacker infrastructure
Pentester doxed (hi trevor)
TL blocked
TL zeroday :)
CS fails to fix CMD bug b4 test
Austin reverses payload
Damnit Macros
Dev PC pwn
User cred in file share
