Fsociety Hacking Tools Pack
https://gbhackers.com/fsociety-complete-hacking-tools/
#tools
#fsociety
@NetPentesters
https://gbhackers.com/fsociety-complete-hacking-tools/
#tools
#fsociety
@NetPentesters
GBHackers Security | #1 Globally Trusted Cyber Security News Platform
fsociety a Complete Hacking Tools pack that a Hacker Needs - Penetration Testing Framework
fsociety is a penetration testing framework consists of all penetration testing tools that a hacker needs. It includes all the tools that involved in the Mr. Robot Series.
1 - Active Directory penetration testing cheatsheet
Part 1: https://infosecwriteups.com/active-directory-penetration-testing-cheatsheet-5f45aa5b44ff
Part 2: https://infosecwriteups.com/active-directory-cheatsheet-part-2-b18e9aa2e73a
2 - Bypass Server Upload Restrictions
https://infosecwriteups.com/bypass-server-upload-restrictions-69054c5e1be4
#AD
#pentest
#bypass
@NetPentesters
Part 1: https://infosecwriteups.com/active-directory-penetration-testing-cheatsheet-5f45aa5b44ff
Part 2: https://infosecwriteups.com/active-directory-cheatsheet-part-2-b18e9aa2e73a
2 - Bypass Server Upload Restrictions
https://infosecwriteups.com/bypass-server-upload-restrictions-69054c5e1be4
#AD
#pentest
#bypass
@NetPentesters
Red Teaming and Social-Engineering related noscripts, tools and CheatSheets
https://github.com/mgeeky/Penetration-Testing-Tools/tree/master/red-teaming
#RedTeam
#social_engineering
#pentest
@NetPentesters
https://github.com/mgeeky/Penetration-Testing-Tools/tree/master/red-teaming
#RedTeam
#social_engineering
#pentest
@NetPentesters
GitHub
Penetration-Testing-Tools/red-teaming at master · mgeeky/Penetration-Testing-Tools
A collection of more than 170+ tools, noscripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes. - mgeeky/Penetration-Testing-Tools
Attacks on Azure AD and M365:
Pawning the cloud, PTA Skeleton Keys and more
https://www.inversecos.com/2021/10/attacks-on-azure-ad-and-m365-pawning.html
#Attack
#Azure
#Ad
#Cloud
#Microsoft
@NetPentesters
Pawning the cloud, PTA Skeleton Keys and more
https://www.inversecos.com/2021/10/attacks-on-azure-ad-and-m365-pawning.html
#Attack
#Azure
#Ad
#Cloud
#Microsoft
@NetPentesters
Appendix: Overview of Microsoft Identity Security Monitoring
https://github.com/Cloud-Architekt/AzureAD-Attack-Defense/blob/main/IdentitySecurityMonitoring.md
#Azure
#ad
@NetPentesters
https://github.com/Cloud-Architekt/AzureAD-Attack-Defense/blob/main/IdentitySecurityMonitoring.md
#Azure
#ad
@NetPentesters
ProxyToken (CVE-2021-33766) : An Authentication Bypass in Microsoft Exchange Server POC exploit
https://github.com/bhdresh/CVE-2021-33766
#exchange
#bypass
@NetPentesters
https://github.com/bhdresh/CVE-2021-33766
#exchange
#bypass
@NetPentesters
GitHub
GitHub - bhdresh/CVE-2021-33766: ProxyToken (CVE-2021-33766) : An Authentication Bypass in Microsoft Exchange Server POC exploit
ProxyToken (CVE-2021-33766) : An Authentication Bypass in Microsoft Exchange Server POC exploit - bhdresh/CVE-2021-33766
Pre-Auth SSRF To Full MailBox Access
(Microsoft Exchange Server Exploit)
https://vanshal.medium.com/pre-auth-ssrf-to-full-mailbox-access-microsoft-exchange-server-exploit-a62c8ac04b47
#SSRF
#Microsoft
#exchange
@NetPentesters
(Microsoft Exchange Server Exploit)
https://vanshal.medium.com/pre-auth-ssrf-to-full-mailbox-access-microsoft-exchange-server-exploit-a62c8ac04b47
#SSRF
#Microsoft
#exchange
@NetPentesters
Python implementation for Active Directory certificate abuse
https://github.com/ollypwn/Certipy
#python
#Ad
@NetPentesters
https://github.com/ollypwn/Certipy
#python
#Ad
@NetPentesters
Azure Privilege Escalation via Service Principal Abuse
https://posts.specterops.io/azure-privilege-escalation-via-service-principal-abuse-210ae2be2a5
#Azure
#privilege
@NetPentesters
https://posts.specterops.io/azure-privilege-escalation-via-service-principal-abuse-210ae2be2a5
#Azure
#privilege
@NetPentesters
SpecterOps
Blog - SpecterOps
Your new best friend: Introducing BloodHound Community Edition!
Offensive WMI:
Part 1 - Basics
https://0xinfection.github.io/posts/wmi-basics-part-1
Part 2 - Exploring Namespaces, Classes & Methods
https://0xinfection.github.io/posts/wmi-classes-methods-part-2
Part 3 - Interacting with Windows Registry
https://0xinfection.github.io/posts/wmi-registry-part-3
#WMI
@NetPentesters
Part 1 - Basics
https://0xinfection.github.io/posts/wmi-basics-part-1
Part 2 - Exploring Namespaces, Classes & Methods
https://0xinfection.github.io/posts/wmi-classes-methods-part-2
Part 3 - Interacting with Windows Registry
https://0xinfection.github.io/posts/wmi-registry-part-3
#WMI
@NetPentesters
Offensive WMI: Reconnaissance & Enumeration
https://0xinfection.github.io/posts/wmi-recon-enum
#WMI
#Enumeration
#Reconnaissance
@NetPentesters
https://0xinfection.github.io/posts/wmi-recon-enum
#WMI
#Enumeration
#Reconnaissance
@NetPentesters
Active Directory Enumeration
https://0xinfection.github.io/posts/wmi-ad-enum
#AD
#Enumeration
#Microsoft
@NetPentesters
https://0xinfection.github.io/posts/wmi-ad-enum
#AD
#Enumeration
#Microsoft
@NetPentesters
MITRE ATT & CK Matrix, ver.10.0:
More Objects, Parity, and Features
https://attack.mitre.org/resources/updates/updates-october-2021
]-> https://github.com/mitre/cti/releases/tag/ATT%26CK-v10.0
#MITRE
#attack
@NetPentesters
More Objects, Parity, and Features
https://attack.mitre.org/resources/updates/updates-october-2021
]-> https://github.com/mitre/cti/releases/tag/ATT%26CK-v10.0
#MITRE
#attack
@NetPentesters
GitHub
Release ATT&CK version 10.0 · mitre/cti
See release notes for the content changes here
See a summary of STIX changes here
See a summary of STIX changes here
Attacking & Securing Active Directory
https://rmusser.net/docs/Active_Directory.html
#AD
#Pentest
#attack
@NetPentesters
https://rmusser.net/docs/Active_Directory.html
#AD
#Pentest
#attack
@NetPentesters