Hypervisor compromises using Azure Run Command
https://www.mandiant.com/resources/azure-run-command-dummies
#Cloud
#Azure
@NetPentester
https://www.mandiant.com/resources/azure-run-command-dummies
#Cloud
#Azure
@NetPentester
Thirumalai_Khanna.pdf
3.6 MB
"Who Owns Your Hybrid Active Directory? Hunting for Adversary Techniques", 2021.
#cloud
#ad
@NetPentester
#cloud
#ad
@NetPentester
Active Directory Lateral Movement
https://research.splunk.com/stories/active_directory_lateral_movement
#Blue_Team
#AD
@NetPentester
https://research.splunk.com/stories/active_directory_lateral_movement
#Blue_Team
#AD
@NetPentester
Splunk Security Content
Analytics Story: Active Directory Lateral Movement
Date: 2021-12-09 ID: 399d65dc-1f08-499b-a259-aad9051f38ad Author: David Dorsey, Mauricio Velazco Splunk Product: Splunk Enterprise Security Denoscription Detect and investigate tactics, techniques, and procedures around how attackers move laterally within an…
نفوذ به شبکه های هسته 5G از خارج و داخل
https://penthertz.com/blog/Intruding-5G-core-networks-from-outside-and_inside.html
#5G
#Network
#Network_5G
@NetPentester
https://penthertz.com/blog/Intruding-5G-core-networks-from-outside-and_inside.html
#5G
#Network
#Network_5G
@NetPentester
ابزار Powershell برای خودکار کردن شمارش اکتیو دایرکتوری
https://github.com/61106960/adPEAS#simple-usage-with-generic-program-parameters
#PowerShell
#RedTeam
#AD
@NetPentester
https://github.com/61106960/adPEAS#simple-usage-with-generic-program-parameters
#PowerShell
#RedTeam
#AD
@NetPentester
GitHub
GitHub - 61106960/adPEAS: Powershell tool to automate Active Directory enumeration.
Powershell tool to automate Active Directory enumeration. - 61106960/adPEAS
هانی پات شبکه داخلی برای تشخیص اینکه آیا یک تهدید مهاجم/داخلی شبکه شما را برای log4j CVE-2021-44228 اسکن می کند.
https://github.com/BinaryDefense/log4j-honeypot-flask
#honeypot
#Log4j
@NetPentester
https://github.com/BinaryDefense/log4j-honeypot-flask
#honeypot
#Log4j
@NetPentester
نقشه ذهنی برای سرویس ها AWS
برای دریافت آسانتر گواهینامه های AWS
https://github.com/notcuder/aws-mindmap
#Mindmap
#Aws
@NetPentester
برای دریافت آسانتر گواهینامه های AWS
https://github.com/notcuder/aws-mindmap
#Mindmap
#Aws
@NetPentester
GitHub
GitHub - notcuder/aws-mindmap: The mindmaps for AWS services to get AWS Certificates easier.
The mindmaps for AWS services to get AWS Certificates easier. - notcuder/aws-mindmap
CrackMapExec (CME)
یک ابزار پس از بهره برداری است که به ارزیابی خودکار امنیت شبکه های بزرگ Active Directory کمک می کند.
https://github.com/byt3bl33d3r/CrackMapExec
#AD
#CME
@NetPentester
یک ابزار پس از بهره برداری است که به ارزیابی خودکار امنیت شبکه های بزرگ Active Directory کمک می کند.
https://github.com/byt3bl33d3r/CrackMapExec
#AD
#CME
@NetPentester
GitHub
GitHub - byt3bl33d3r/CrackMapExec: A swiss army knife for pentesting networks
A swiss army knife for pentesting networks. Contribute to byt3bl33d3r/CrackMapExec development by creating an account on GitHub.
CVE-2021-45608 - NetUSB RCE Flaw in Millions of End User Routers
https://www.sentinelone.com/labs/cve-2021-45608-netusb-rce-flaw-in-millions-of-end-user-routers
#router
#cve
@NetPentester
https://www.sentinelone.com/labs/cve-2021-45608-netusb-rce-flaw-in-millions-of-end-user-routers
#router
#cve
@NetPentester
SentinelOne
CVE-2021-45608 | NetUSB RCE Flaw in Millions of End User Routers
SentinelLabs has discovered a high severity flaw in NetUSB which could be remotely exploited to execute code in the kernel.
icmpdoor
شل معکوس ICMP در پایتون 3
https://cryptsus.com/blog/icmp-reverse-shell.html
https://github.com/krabelize/icmpdoor
#python
@NetPentester
شل معکوس ICMP در پایتون 3
https://cryptsus.com/blog/icmp-reverse-shell.html
https://github.com/krabelize/icmpdoor
#python
@NetPentester
Cryptsus
icmpdoor - ICMP reverse shell in Python 3 — Cryptsus Blog
Cryptsus is a security consulting group of expert hackers specializing in securing systems and networks, authentication systems and vulnerability management.
Searching for Deserialization Protection Bypasses
in Microsoft Exchange (CVE-2022-21969)
https://medium.com/@frycos/searching-for-deserialization-protection-bypasses-in-microsoft-exchange-cve-2022-21969-bfa38f63a62d
#Microsoft
#exchange
@NetPentester
in Microsoft Exchange (CVE-2022-21969)
https://medium.com/@frycos/searching-for-deserialization-protection-bypasses-in-microsoft-exchange-cve-2022-21969-bfa38f63a62d
#Microsoft
#exchange
@NetPentester
Medium
Searching for Deserialization Protection Bypasses in Microsoft Exchange (CVE-2022–21969)
This story begins with a series of fails, but why? That is because of my special relationship with the Microsoft Exchange codebase…
SMBploit
- ابزار تهاجمی برای اسکن/سوء استفاده از آسیبپذیریها در ویندوز مایکروسافت از طریق پروتکل Samba (SMB) با استفاده از چارچوب Metasploit
https://github.com/d4t4s3c/SMBploit
@NetPentester
- ابزار تهاجمی برای اسکن/سوء استفاده از آسیبپذیریها در ویندوز مایکروسافت از طریق پروتکل Samba (SMB) با استفاده از چارچوب Metasploit
https://github.com/d4t4s3c/SMBploit
@NetPentester
عملکرد آسیب پذیری AWS Lambda - دسترسی اولیه در حملات ابری
https://sysdig.com/blog/exploit-mitigate-aws-lambdas-mitre
#Cloud
#Vulnerability
#Privilege
@NetPentester
https://sysdig.com/blog/exploit-mitigate-aws-lambdas-mitre
#Cloud
#Vulnerability
#Privilege
@NetPentester
Sysdig
Lambda Threat – Best Practices for Lambda Security | Sysdig
The security research team explains the attack scenario with a vulnerable AWS Lambda function could be a threat used by attackers.
بهره برداری از پیکربندی های اشتباه رایج در سیستم های تلفن سیسکو
https://www.trustedsec.com/blog/seeyoucm-thief-exploiting-common-misconfigurations-in-cisco-phone-systems
]-> ابزاری برای دانلود/تجزیه خودکار فایل های پیکربندی از سیستم های تلفن سیسکو در جستجوی اعتبارنامه SSH:
https://github.com/trustedsec/SeeYouCM-Thief
#Cisco
#Tools
@NetPentester
https://www.trustedsec.com/blog/seeyoucm-thief-exploiting-common-misconfigurations-in-cisco-phone-systems
]-> ابزاری برای دانلود/تجزیه خودکار فایل های پیکربندی از سیستم های تلفن سیسکو در جستجوی اعتبارنامه SSH:
https://github.com/trustedsec/SeeYouCM-Thief
#Cisco
#Tools
@NetPentester
TrustedSec
SeeYouCM-Thief: Exploiting Common Misconfigurations in Cisco Phone…
1.1 Intro I spent my early IT career working for a Cisco partner that specialized in Cisco phone systems. I did, however, get to see my share of networks…
Attack and defend active directory using modern
post exploitation adversary tradecraft activity
https://github.com/infosecn1nja/AD-Attack-Defense
#AD
#RedTeam
#Attack
@NetPentester
post exploitation adversary tradecraft activity
https://github.com/infosecn1nja/AD-Attack-Defense
#AD
#RedTeam
#Attack
@NetPentester
GitHub
GitHub - infosecn1nja/AD-Attack-Defense: Attack and defend active directory using modern post exploitation adversary tradecraft…
Attack and defend active directory using modern post exploitation adversary tradecraft activity - infosecn1nja/AD-Attack-Defense
Mandiant Azure AD Investigator:
PowerShell module for detecting artifacts that may be indicators of UNC2452 and other threat actor activity
https://github.com/mandiant/Mandiant-Azure-AD-Investigator
#Cloud
#AD
#Azure
#PowerShell
@NetPentester
PowerShell module for detecting artifacts that may be indicators of UNC2452 and other threat actor activity
https://github.com/mandiant/Mandiant-Azure-AD-Investigator
#Cloud
#AD
#Azure
#PowerShell
@NetPentester
GitHub
GitHub - mandiant/Mandiant-Azure-AD-Investigator
Contribute to mandiant/Mandiant-Azure-AD-Investigator development by creating an account on GitHub.
منابع و یادداشت های امنیتی Azure
https://github.com/rootsecdev/Azure-Red-Team
#Cloud
#Azure
#RedTeam
@NetPentester
https://github.com/rootsecdev/Azure-Red-Team
#Cloud
#Azure
#RedTeam
@NetPentester
GitHub
GitHub - rootsecdev/Azure-Red-Team: Azure Security Resources and Notes
Azure Security Resources and Notes. Contribute to rootsecdev/Azure-Red-Team development by creating an account on GitHub.
بررسی امنیتی Active Directory در چند ثانیه ابزار PingCastle به شما امکان می دهد تا بیش از 100 هزار بررسی امنیتی را بدون نصب، مدیریت یا ارسال داده "به ابر" انجام دهید، در حالی که یک گزارش راحت تولید می کنید. برخی از بررسی ها شامل خطرات بالقوه است، بنابراین ممکن است گاه به گاه نتایج مثبت کاذب وجود داشته باشد.
https://github.com/vletoux/pingcastle
#RedTeam
#AD
@NetPentester
https://github.com/vletoux/pingcastle
#RedTeam
#AD
@NetPentester
GitHub
GitHub - netwrix/pingcastle: PingCastle - Get Active Directory Security at 80% in 20% of the time
PingCastle - Get Active Directory Security at 80% in 20% of the time - netwrix/pingcastle