logo
Red tradecraft
Operational procedures for endpoint attacks
  • Privacy greenhouse
  • Defence blues
  • Purple crossroads
  • Indigo observatory
  • Contact
Initializing search
    • In: Where the falcons and foxes roam
      • A canopy of apple-blossom
      • Social engineering
      • Where wild boars plough through endpoints
      • Wolverines do not ask for permissions
      • Riches in the ground
      • The device is just the keyring
        • Field notes from the identity layer
        • Operational procedures for endpoint attacks
          • Runbook: Endpoint initial access
          • Runbook: EDR bypass
          • Runbook: Credential and token harvesting
          • Runbook: Pivot from endpoint to cloud
        • Operational procedures for endpoint attacks
          • Runbook: Endpoint initial access
          • Runbook: EDR bypass
          • Runbook: Credential and token harvesting
          • Runbook: Pivot from endpoint to cloud
        • Attack chain playbooks for endpoint operations
      • Poking physics with network packets
    • Through: Where the raccoons burrow and rummage
    • Out: Where squirrels swipe the crown jewels
    • Unseen University Power & Light Co.
    • The Scarlet Semaphore
    • Myrddin’s menagerie

    Operational procedures for endpoint attacks¶

    Runbooks:

    • Runbook: Endpoint initial access
    • Runbook: EDR bypass
    • Runbook: Credential and token harvesting
    • Runbook: Pivot from endpoint to cloud
    2026-04-01 10:32
    © Copyright 2025, TyMyrddin.
    Created using Sphinx 7.2.6. and Sphinx-Immaterial

    Made with love in the Unseen University, 2025, with a forest garden fostered by /ut7