Live session schedule

Release date

Topic

Tags

Wednesday May 6 2026 at 7 PM EST

Episode 37 - The BlueHammer case. What are TOCTOU bugs and why are they interesting? How to exploit and abuse this bug family.

Windows TOCTOU Exploit

Wednesday April 15 2026 at 7 PM EST

Episode 36 - Windows internal recap. What to look for and what matters when you are trying to understand the internals to evade EDRs and detection.

Windows EDRs

Wednesday April 1 2026 PM EST

Episode 35 - Lateral movement and execution techniques from an OPSEC perspective that are safe to run.

Windows Lateral Movement

Wednesday March 4 2026 at 7 PM EST

Episode 34 - Running a process through impersonation. The proper way.

Windows C DuplicateToken

Wednesday February 11 2026 PM EST

Episode 33 - Revisiting the obfuscation concept to hide your payload.

Obfuscation Coding

Wednesday January 28 2026 PM EST

Episode 32 - Building your web stack for your C2.

C2 Azure

Wednesday January 7 2026 at 7 PM EST

Episode 31 - Exploring and understanding how to identify vulnerable kernel drivers that can be exploited.

Windows Kernel

Wednesday December 3 2025 at 7 PM EST

Episode 30 - Special Episode: Flare.io presentation. How leaked credentials can be misued and used during red team exercise.

Windows Flare

Wednesday November 5 2025 at 7 PM EST

Episode 29 - Building and using your toolset to identify Azure attack vectors. Part III

Azure Python3

Wednesday October 15 2025 at 7 PM EST

Episode 28 - Building and using your toolset to identify Azure attack vectors. Part II

Azure Python3

Wednesday October 1 2025 at 7 PM EST

Episode 27 - Building and using your toolset to identify Azure attack vectors. Part I

Azure Python3

Wednesday September 3 2025 at 7 PM EST

Episode 26 - Running your own LLM locally and building a simple interface to use it

LLM C# llama3

Wednesday August 6 2025 at 7 PM EST

Episode 25 - Understanding the underlying concepts of ADCS and how certificate templates can be audited using C#.

C# ADCS

Wednesday July 23 2025 at 7 PM EST

Episode 24 - Auditing and searching for misconfigured GPOs using C#.

C# GPO Active Directory

Wednesday July 2 2025 at 7 PM EST

Episode 23 - Writing your own SOCKS4a proxy in C#.

C# SOCK4a

Wednesday June 4 2025 at 7 PM EST

Episode 22 - Incorporating sandbox evasion techniques into your malware using C and C#.

Evasion C C#

Friday May 16 2025 at 1 PM EST

Episode 21 - Chaining of the .NET no-memory-modification technique with remote shellcode loading and shellcode memory encryption to evade detection. All live from NorthSec.

.Net NorthSec 2025

Wednesday April 23 2025 at 7 PM EST

Episode 20 - Understanding Azure and Graph: Automation of user enumeration and more.

Azure Graph Python

Wednesday April 16 2025 at 7 PM EST

Episode 19 - Gathering user information without using LDAP queries in an Active Directory domain using WMI.

C COM WMI Active Directory

Wednesday March 12 2025 at 7 PM EDT

Episode 18 - Gathering user information without using LDAP queries in an Active Directory domain using Lsa* APIs.

C Lsa APIs Active Directory

Wednesday February 26 2025 at 7 PM EDT

Episode 17 - Code obfuscation using the power of assembly.

C Obfuscation Assembly

Wednesday February 12 2025 at 7 PM EDT

Episode 16 - Customizing your toolset to avoid detection: A case study using PingCastle.

C# Obfuscation PingCastle

Wednesday January 29 2025 at 7 PM EDT

Episode 15 - Writing your own scanner in C and C# and evading million-dollar deception devices.

C C# Port Scanner

Wednesday January 22 2025 at 7 PM EDT

Episode 14 - Remote service enumeration in C without the need of administrative privileges. The C file can be compiled as a BOF too.

C BOF LookupAccountNameA

Wednesday December 11 2024 at 7 PM EDT

Episode 13 - From Azure phishing to remote code execution.

Azure Cloud Phishing Python

Wednesday November 27 2024 at 5 PM EDT

Episode 12 - Running shellcode within C# without modifying the memory permissions.

C# CIL Obfusacation

Wednesday November 13 2024 at 7 PM EDT

Episode 11 - Azure device code phishing? What about Google Code Flow to phish Google Cloud based company.

Google Cloud Phishing Python

Wednesday October 30 2024 at 7 PM EDT

Episode 10 - Implementing a namedpipe C2 in C#.

C# NamedPipe Command & Control

Wednesday October 9 2024 at 7 PM EDT

Episode 9 - The art of understanding how things are working to become a better hacker.

C Proxying RPC Reverse Engineering

Wednesday September 25 2024 at 7 PM EDT

Episode 8 - BLASTRADIUS CVE-2024-3596 A study case of MD5 collision.

BLASTRADIUS MD5 collision AES attack

Tuesday September 10 2024 at 7 PM EDT

Episode 7 - The power of BOF.

C Cobalt Strike BOF

Wednesday August 14 2024 at 7 PM EDT

Episode 6 - Building your C2 communication channel.

Azure C2 Cobalt Strike

Wednesday July 31 2024 at 7 PM EDT

Episode 5 - Leveraging the compiler to obfuscate your code. Avoid compiler pitfalls that can break your obfuscation.

C Compiler Obfuscation GCC

Wednesday July 17 2024 at 7 PM EDT

Episode 4 - Reverse engineering .net application.

DnSpy C# Reverse Engineering

Wednesday July 3 2024 at 7 PM EDT

Episode 3 - Reverse engineering compiled C code.

Reverse Engineering IDA C

Wednesday June 19 2024 at 7 PM EDT

Episode 2 - Using Sysmon to detect attacks and understand the artefact associated with our attacks.

Sysmon Red Team Blue Team

Thursday June 6 2024 at 7 PM EDT

Episode 1 - Welcome to TrueCyber

Introduction Not technical