This bi-weekly dispatch is brought to you by the team at Black Harbor. Every other week we share three things: one offensive technique, one defensive technique and something random that piqued our interest.

Offense

A new Rockyou.txt wordlist challenger enters the arena. Most interesting to us: 8.83% of the passwords in this list are unique, which means credentials are still the weakest part of any security chain. Credit: ahakcil

Defense

Search for running processes that import network functions. Use this to find processes that have been injected into and could be making network requests to stagers, C2 infrastructure, etc. Credit: Jai Minton

Windows Socket API, e.g. TCP/IP:

tasklist /m WSock32.dll
tasklist /m Ws2_32.dll

Windows Internet API, e.g. HTTP, FTP, NTP:

tasklist /m Wininet.dll
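To triage the results across several DLLs at once, the added example below (not part of the original dispatch or Jai Minton's tip) merges the CSV output of the commands above, run with `/fo csv`, and lists processes outside a known-good baseline. The sample output, image names, PIDs and the `BASELINE` set are constructed assumptions.

```python
import csv
import io
from collections import defaultdict

# Constructed sample output of `tasklist /m Ws2_32.dll /fo csv` and
# `tasklist /m Wininet.dll /fo csv` (image names and PIDs are made up).
WS2_SAMPLE = '''"Image Name","PID","Modules"
"svchost.exe","1044","WS2_32.dll"
"chrome.exe","5120","WS2_32.dll"
"notepad.exe","7788","WS2_32.dll"
'''
WININET_SAMPLE = '''"Image Name","PID","Modules"
"chrome.exe","5120","WININET.dll"
"notepad.exe","7788","WININET.dll"
"calc.exe","8012","WININET.dll"
'''

# Assumption: a per-host baseline of images expected to use the network.
BASELINE = {"svchost.exe", "chrome.exe"}


def parse_tasklist_csv(text):
    """Yield (image, pid, modules) from `tasklist /m <dll> /fo csv` output."""
    for row in csv.DictReader(io.StringIO(text)):
        modules = {m.strip().lower() for m in row["Modules"].split(",") if m.strip()}
        yield row["Image Name"].lower(), int(row["PID"]), modules


def unexpected_network_loaders(outputs, baseline):
    """Merge several tasklist outputs per PID and return non-baseline processes."""
    loaded = defaultdict(set)
    for text in outputs:
        for image, pid, modules in parse_tasklist_csv(text):
            loaded[(image, pid)] |= modules
    allowed = {name.lower() for name in baseline}
    return sorted(
        (image, pid, sorted(mods))
        for (image, pid), mods in loaded.items()
        if image not in allowed
    )


if __name__ == "__main__":
    for image, pid, mods in unexpected_network_loaders([WS2_SAMPLE, WININET_SAMPLE], BASELINE):
        print(f"review: {image} (PID {pid}) has loaded {', '.join(mods)}")
```

An image-name baseline only surfaces processes that should not be networking at all, so treat each hit as a lead to verify rather than proof of injection.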

Snippet

Bootstrap a Computer Science degree online w/ free resources. Credit: RandallKanna