Active Directory penetration testing mind map collection by Orange CyberDefense
GitHub
https://github.com/Orange-Cyberdefense/arsenal
All MindMap
https://github.com/Orange-Cyberdefense/arsenal/tree/master/mindmap
Additional
https://www.xmind.net/m/5dypm8/
#pentest
#windows
#ad
@NetPentester
GitHub
GitHub - Orange-Cyberdefense/arsenal: Arsenal is just a quick inventory and launcher for hacking programs
BloodyAD is an Active Directory Privilege Escalation Framework
https://github.com/CravateRouge/bloodyAD
#AD
#privilege
@NetPentester
GitHub
GitHub - CravateRouge/bloodyAD: BloodyAD is an Active Directory Privilege Escalation Framework
#Network_Security 5G
Exploit the Fuzz - Exploiting Vulnerabilities in 5G Core Networks
https://research.nccgroup.com/2021/11/16/exploit-the-fuzz-exploiting-vulnerabilities-in-5g-core-networks
@NetPentester
CVE-2021-42306 CredManifest:
App Registration Certificates Stored in Azure AD
https://www.netspi.com/blog/technical/cloud-penetration-testing/azure-cloud-vulnerability-credmanifest
#azure
#Ad
#Cloud
#Pentest
@NetPentester
NetSPI
CVE-2021-42306 CredManifest: App Registration Certificates Stored in Azure Active Directory
The vulnerability, found by NetSPI’s cloud pentesting practice director, Karl Fosaaen, affects any organization that uses Automation Account "Run as" accounts in Azure.
New_Attack_Surfaces_WiFi_Mesh.pdf
3.2 MB
#WLAN_Security
BlackHat Europe 2021:
"New Attack Surfaces of Wi-Fi Mesh Network".
// CVE-2021-35055, CVE-2021-37566, CVE-2021-37572
@NetPentester
WSUS Attacks:
Part 1 - Introducing PyWSUS
https://www.gosecure.net/blog/2020/09/03/wsus-attacks-part-1-introducing-pywsus
Part 2 - CVE-2020-1013 a Windows 10 LPE 1-Day
https://www.gosecure.net/blog/2020/09/08/wsus-attacks-part-2-cve-2020-1013-a-windows-10-local-privilege-escalation-1-day
Part 3 - NTLM Relaying Attacks
https://www.gosecure.net/blog/2021/11/22/gosecure-investigates-abusing-windows-server-update-services-wsus-to-enable-ntlm-relaying-attacks
#wsus
#NTLM
@NetPentester
Observing Attacks Against Hundreds
of Exposed Services in Public Clouds
https://unit42.paloaltonetworks.com/exposed-services-public-clouds
#Cloud
@NetPentester
Unit 42
Observing Attacks Against Hundreds of Exposed Services in Public Clouds
Insecurely exposed services are common misconfigurations in cloud environments. We used a honeypot infrastructure to learn about attacks against them.
+ How to detect Azure Active Directory backdoors:
https://www.inversecos.com/2021/11/how-to-detect-azure-active-directory.html
#BlueTeam
#AD
#Azure
@BlueRedTeam
Inversecos
How to Detect Azure Active Directory Backdoors: Identity Federation
CVE-2021-21972:
PoC Exploit for vCenter
https://github.com/NS-Sp4ce/CVE-2021-21972
https://github.com/horizon3ai/CVE-2021-21972
Exploits the Wii U's bluetooth stack to gain IOSU
kernel access via bluetooth
https://github.com/GaryOderNichts/bluubomb
#bluetooth
@NetPentester
GitHub
GitHub - NS-Sp4ce/CVE-2021-21972: CVE-2021-21972 Exploit
0-day vulnerability in TP-Link Wi-Fi devices
https://securityaffairs.co/wordpress/125016/hacking/0-day-tp-link-wi-fi-6.html?utm_source=feedly&utm_medium=rss&utm_campaign=0-day-tp-link-wi-fi-6
TP-Link TL-WR840N EU v5 RCE
(PoC for CVE-2021-41653)
https://k4m1ll0.com/cve-2021-41653.html
#tplink
#ZeroDay
#Vulnerability
#poc
@NetPentester
Owfuzz: a WiFi protocol fuzzing tool using openwifi
https://github.com/alipay/Owfuzz
#tools
@NetPentester
Nmap script that searches for probable vulnerabilities based on services discovered in open ports.
https://github.com/scmanjarrez/CVEScannerV2
#Nmap
#port
#Vulnerability
#Script
@NetPentester
GitHub
GitHub - scmanjarrez/CVEScannerV2: Nmap script that scans for probable vulnerabilities based on services discovered in open ports.
Proxy-Attackchain:
proxylogon, proxyshell, proxyoracle, proxytoken
full chain exploit tool
https://github.com/FDlucifer/Proxy-Attackchain
#tools
#proxy
@NetPentester
Azure privilege escalation via Azure API permissions abuse
https://posts.specterops.io/azure-privilege-escalation-via-azure-api-permissions-abuse-74aee1006f48
#microsoft
#api
#Azure
#privilege
#Cloud
@NetPentesters
Analysis of CVE-2021-34535 -
RCE vulnerability in Remote Desktop Client
https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control
#vulnerability
#RDP
#RCE
#Analysis
@NetPentester
Backdoor configuration for bypassing antivirus
https://github.com/RoseSecurity/Anti-Virus-Evading-Payloads
#Bypass
#antivirus
#backdoor
@NetPentester