AUTHOR

Jann Lemm

Jann Lemm founded avantguard cyber security GmbH together with Pascal Sommer and has since been active as managing director and in security audits as well as research projects, supporting companies in fending off cyber attacks. He is OSCP, CRTP, CARTP and OPST.

Offensive

Extending The Covenant: Part 3

The currently last blog post about my work on the open source C2 framework Covenant. One important new task, two new Grunt templates and QoL...

Jann Lemm Mar 3, 2023

Offensive

Extending The Covenant: Part 2

Further recent changes that we implemented in Covenant, such as new tasks, modified old tasks and a new graph layout.

Jann Lemm Dec 13, 2022

Offensive

Extending The Covenant

Several new tasks for Covenant that have proven to be helpful to us.

Jann Lemm Oct 28, 2022

Offensive

Updating The Covenant

A tutorial on how to get the most recent version of Rubeus integrated into Covenant's dev branch.

Jann Lemm Oct 21, 2022

Bypass

Overload Mapping vs. Memory Scanners

Investigations and further thoughts on in-memory execution and detection.

Jann Lemm Feb 18, 2022

Bypass

PowerShell Enhanced Logging Capabilities Bypass

A blog post about a new enhanced logging capabilities bypass for PowerShell, which allows to bypass transcription logging.

Jann Lemm Sep 6, 2021

Offensive

Active Directory Certificate Services

In this blog post, we show the steps necessary to recreate attacks on AD CS in a test environment. We also show how defenders can identify potential...

Jann Lemm Jun 26, 2021

Jann Lemm

Extending The Covenant: Part 3

Extending The Covenant: Part 2

Extending The Covenant

Updating The Covenant

Overload Mapping vs. Memory Scanners

PowerShell Enhanced Logging Capabilities Bypass

Active Directory Certificate Services

Menu

Services

Research

avantguard cyber security GmbH