Falls for sysvol canary Undetected C2 Channel Custom KQL catches recon TL blocked DA obtained Banned within 1 hour of test Privesc CS fails to fix CMD bug b4 test User cred in file share Falls for file share honeypot BYOVD (uncaught) Identify attacker infrastructure Pentester doxed (hi trevor) TL zeroday :) PT asks to disable TL Dev PC pwn Rickrolled by antiresponder Undetected until DA (Austin eats his shoe) Unblocked LOLBAS Pentest happens while BT at defcon Austin reverses payload CS zeroday :( Damnit Macros Credential found via responder Falls for sysvol canary Undetected C2 Channel Custom KQL catches recon TL blocked DA obtained Banned within 1 hour of test Privesc CS fails to fix CMD bug b4 test User cred in file share Falls for file share honeypot BYOVD (uncaught) Identify attacker infrastructure Pentester doxed (hi trevor) TL zeroday :) PT asks to disable TL Dev PC pwn Rickrolled by antiresponder Undetected until DA (Austin eats his shoe) Unblocked LOLBAS Pentest happens while BT at defcon Austin reverses payload CS zeroday :( Damnit Macros Credential found via responder
(Print)
Falls for sysvol canary
Undetected C2 Channel
Custom KQL catches recon
TL blocked
DA obtained
Banned within 1 hour of test
Privesc
CS fails to fix CMD bug b4 test
User cred in file share
Falls for file share honeypot
BYOVD (uncaught)
Identify attacker infrastructure
Pentester doxed (hi trevor)
TL zeroday :)
PT asks to disable TL
Dev PC pwn
Rickrolled by antiresponder
Undetected until DA (Austin eats his shoe)
Unblocked LOLBAS
Pentest happens while BT at defcon
Austin reverses payload
CS zeroday :(
Damnit Macros
Credential found via responder
