Network Penetration Testing – Telegram
[ Network Penetration Testing & Cloud ]

Any misuse of this info will not be the responsibility of the author, educational purposes only.


@NetPentester

MITRE ATT&CK TTPs used by LAPSUS$

Two interesting techniques used by LAPSUS$ (Code Signing, and Disable or Modify Tools)

#MITRE
@NetPentesters

Vulnerable Active Directory
Create a vulnerable AD that will allow you to test most AD attacks in a local lab

Main characteristics:
- Random attacks
- Full coverage of the listed attacks
- It is necessary to run the script on a DC with Active Directory installed
- Some attacks require a client workstation

Supported attacks:
- Abuse of ACLs/ACEs
- Kerberoasting
- AS-REP Roasting
- Abuse of DnsAdmins
- Password in object description
- Custom objects with default password (Changeme123!)
- Password spraying
- DCSync
- Silver ticket
- Golden Ticket
- Pass-the-Hash
- Pass-the-Ticket
- SMB signing disabled

https://github.com/WazeHell/vulnerable-AD

#Ad
#Lab
@NetPentesters

NTLMRelay2Self

Escalate privileges locally by forcing the system you landed initial access on to reflectively authenticate over HTTP to itself and forward the received connection to an HTTP listener (ntlmrelayx) configured to relay to DC servers over LDAP/LDAPs for either setting shadow credentials or configuring RBCD.

#LDAP
#privesc
#relay
#webdav
#lpe
https://github.com/med0x2e/NTLMRelay2Self
@NetPentesters

RCE in BIG-IP iControl REST (CVE-2022-1388)

This vulnerability could allow an unauthenticated attacker with network access to a BIG-IP system to execute arbitrary system commands, create or delete files, or disable services (CVE-2022-1388).

Dork for Shodan:

http.noscript:"BIG-IP®-+Redirect" +"Server"

https://github.com/sherlocksecurity/CVE-2022-1388_F5_BIG-IP

#web
#cve
#rce
@NetPentesters