This gist compiles resources relevant to red teaming, potentially discussed during the talk "Stop Playing Defense: Proactive Security with Red Teaming" at the 2025 Security Matters Conference.
Contact Info
Andrew Chiles andrewchiles
andrewchiles
/ red_team_resources.md
Last active
April 23, 2025 23:07
Stop Playing Defense: Proactive Security with Red Teaming
andrewchiles
/ rpc_dump_rs5.txt
Created
September 24, 2021 20:34
— forked from enigma0x3/rpc_dump_rs5.txt
RPC interfaces RS5
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -------------------------------------------------------------------------------- | |
| <WinProcess "smss.exe" pid 368 at 0x5306908L> | |
| 64 | |
| [!!] Invalid rpcrt4 base: 0x0 vs 0x7ffec24f0000 | |
| -------------------------------------------------------------------------------- | |
| <WinProcess "csrss.exe" pid 472 at 0x5306e48L> | |
| 64 | |
| Interfaces : | |
| Endpoints : |
andrewchiles
/ mscorlib_load_assembly.vba
Created
September 30, 2019 18:47
— forked from monoxgas/mscorlib_load_assembly.vba
VBA code for calling Assembly.Load using raw vtable lookups for the IUnknown
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ' Need to add project references to C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscoree.tlb and mscorlib.tlb | |
| Private Declare PtrSafe Function DispCallFunc Lib "oleaut32.dll" (ByVal pv As LongPtr, ByVal ov As LongPtr, ByVal cc As Integer, ByVal vr As Integer, ByVal ca As Long, ByRef pr As Integer, ByRef pg As LongPtr, ByRef par As Variant) As Long | |
| Private Declare PtrSafe Sub RtlMoveMemory Lib "kernel32" (Dst As Any, Src As Any, ByVal BLen As LongPtr) | |
| Private Declare PtrSafe Function VarPtrArray Lib "VBE7" Alias "VarPtr" (ByRef Var() As Any) As LongPtr | |
| #If Win64 Then | |
| Const LS As LongPtr = 8& | |
| #Else | |
| Const LS As LongPtr = 4& |