Black & White Path

Apr 1, 2026 · Information Security

Red Team Walkthrough: Compromising a Tiny Company with Phishing and Local Exploits

This article details a red‑team engagement against a 30‑employee company that lacked a public website, describing how the team used phishing emails, custom Cobalt Strike payloads, shellcode encryption, internal network scanning, and a router tunnel to obtain footholds and extract data.