More xref between blog and new videos

GoSecure · Jun 5, 2019 · 5466825 · 5466825
1 parent e996b66
commit 5466825
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 0 deletions.
diff --git a/CHANGELOG.adoc b/CHANGELOG.adoc
@@ -32,6 +32,8 @@ https://github.com/xshill[Francis Labelle] and
 https://github.com/res260[Émilio Gonzalez]'s talk on {project-name}.
 
 * https://docs.google.com/presentation/d/1avcn8Sh2b3IE7AA0G9l7Cj5F1pxqizUm98IbXUo2cvY/edit#slide=id.g404b70030f_0_581[Presentation Slides]
+* https://youtu.be/5JztJzi-m48[Demo Video of a Session Takeover and more]
+* https://youtu.be/bU67tj1RkMA[Demo Video of a cmd.exe payload triggered on connection]
 * https://nsec.io/session/2019-welcome-to-the-jumble-improving-rdp-tooling-for-malware-analysis-and-pentesting.html[Abstract]
 
 === Enhancements

diff --git a/README.md b/README.md
@@ -19,6 +19,8 @@ It features a few tools:
 We have used this tool as part of an RDP honeypot which records sessions and saves a copy of the malware dropped on our
 target machine.
 
+PyRDP was [first introduced in a blogpost](https://www.gosecure.net/blog/2018/12/19/rdp-man-in-the-middle-smile-youre-on-camera) in which we [demonstrated that we can catch a real threat actor in action](https://www.youtube.com/watch?v=eB7RC9FmL6Q). In May 2019 a [presentation by its authors](https://docs.google.com/presentation/d/1avcn8Sh2b3IE7AA0G9l7Cj5F1pxqizUm98IbXUo2cvY/edit#slide=id.g404b70030f_0_581) was given at NorthSec and two demos were performed. [The first one covered](https://youtu.be/5JztJzi-m48) credential logging, clipboard stealing, client-side file browsing and a session take-over. [The second one covered](https://youtu.be/bU67tj1RkMA) the execution of cmd or powershell payloads when a client successfully authenticates.
+
 ## Table of Contents
 - [Supported Systems](#supported-systems)
 - [Installing](#installing)