I'd like to preface this write-up by first making fun of myself from the future. Not long from now, the title of this article will be akin to saying "Driving with a car" or "Cooking with electricity". You won't need or want to specify the AI part, that will just be assumed. It won't be "coding with AI", just coding.
Now that I've got that out of my system, let's get into it.
In this blog, we will be examining how, over the course of a couple hours, I wrote a process injection from scratch without any googling or crawling github etc... using just the Assistant at chat.openai.com.
This paper explores the difficulties and possible solutions for landing an initial access payload against MacOS, likely from phishing. There are a number of additional difficulties to consider, compared to crafting an initial access payload, or dropper, for Windows. We'll take a look at each of the technical issues, and then craft a reasonable pretext and payload, targeting the latest MacOS running on M1 silicon.
SANS slides are posted at : /sans/AI_Red_Team_Maldev_SANS.pdf
A paper, almost in the form of a "Standard Operating Procedure" or walkthrough, on how you can use Zola to rapidly create and deploy websites for fake businesses/content, for the purposes of red team phishing campaigns. We'll walk through, step by step, getting setup with zola to generate our first fake company website. Once you've run through this process a couple times, you'll be ready to generate an entire website for a fake business and deploy it rapidly.