In what fields do you work? Or are you learning it?
Anonymous Poll
59%
Network Penetration Testing
37%
Web Penetration Testing
21%
Mobile Penetration Testing
16%
Pwn
25%
Malware Analysis
20%
Reverse Engineering
38%
OSINT
20%
Other
AWS Targeted by a Package Backfill Attack
https://www.whitesourcesoftware.com/resources/blog/aws-targeted-by-a-package-backfill-attack/
@NetPentesters
https://www.whitesourcesoftware.com/resources/blog/aws-targeted-by-a-package-backfill-attack/
@NetPentesters
Mend.io
The Mend.io AppSec Blog
The latest news and insights on application security and securing the software supply chain. Read the Mend.io blog here.
Pybatfish - Python Client For Batfish (Network Configuration Analysis Tool)
http://www.kitploit.com/2022/05/pybatfish-python-client-for-batfish.html
#tools
#Analysis
@NetPentesters
http://www.kitploit.com/2022/05/pybatfish-python-client-for-batfish.html
#tools
#Analysis
@NetPentesters
Kitploit
Kitploit – Maintenance in Progress
Kitploit is temporarily under maintenance. We’ll be back shortly with improvements.
NTLMRelay2Self
Escalate privileges locally by forcing the system you landed initial access on to reflectively authenticate over HTTP to itself and forward the received connection to an HTTP listener (ntlmrelayx) configured to relay to DC servers over LDAP/LDAPs for either setting shadow credentials or configuring RBCD.
#LDAP
#privesc
#relay
#webdav
#lpe
https://github.com/med0x2e/NTLMRelay2Self
@NetPentesters
Escalate privileges locally by forcing the system you landed initial access on to reflectively authenticate over HTTP to itself and forward the received connection to an HTTP listener (ntlmrelayx) configured to relay to DC servers over LDAP/LDAPs for either setting shadow credentials or configuring RBCD.
#LDAP
#privesc
#relay
#webdav
#lpe
https://github.com/med0x2e/NTLMRelay2Self
@NetPentesters
GitHub
GitHub - med0x2e/NTLMRelay2Self: An other No-Fix LPE, NTLMRelay2Self over HTTP (Webdav).
An other No-Fix LPE, NTLMRelay2Self over HTTP (Webdav). - med0x2e/NTLMRelay2Self
RCE in BIG-IP iControl REST (CVE-2022-1388)
This vulnerability could allow an unauthenticated attacker with network access to a BIG-IP system to execute arbitrary system commands, create or delete files, or disable services (CVE-2022-1388)
Dork for Shodan:
https://github.com/sherlocksecurity/CVE-2022-1388_F5_BIG-IP
#web
#cve
#rce
@NetPentesters
This vulnerability could allow an unauthenticated attacker with network access to a BIG-IP system to execute arbitrary system commands, create or delete files, or disable services (CVE-2022-1388)
Dork for Shodan:
http.noscript:"BIG-IP®-+Redirect" +"Server"https://github.com/sherlocksecurity/CVE-2022-1388_F5_BIG-IP
#web
#cve
#rce
@NetPentesters
GitHub
GitHub - sherlocksecurity/CVE-2022-1388-Exploit-POC: PoC for CVE-2022-1388_F5_BIG-IP
PoC for CVE-2022-1388_F5_BIG-IP. Contribute to sherlocksecurity/CVE-2022-1388-Exploit-POC development by creating an account on GitHub.
ICMP-TransferTools is a set of noscripts designed to move files to and from Windows hosts in restricted network environments.
https://github.com/icyguider/ICMP-TransferTools
#icmp
#file
#transfer
#bypass
#firewall
@NetPentesters
https://github.com/icyguider/ICMP-TransferTools
#icmp
#file
#transfer
#bypass
#firewall
@NetPentesters
GitHub
GitHub - icyguider/ICMP-TransferTools: Transfer files to and from a Windows host via ICMP in restricted network environments.
Transfer files to and from a Windows host via ICMP in restricted network environments. - icyguider/ICMP-TransferTools
PPID Spoofing & BlockDLLs with NtCreateUserProcess
https://offensivedefence.co.uk/posts/ntcreateuserprocess
@NetPentesters
https://offensivedefence.co.uk/posts/ntcreateuserprocess
@NetPentesters
offensivedefence.co.uk
PPID Spoofing & BlockDLLs with NtCreateUserProcess
This week, Capt. Meelo released a great blog post on how to call the NtCreateUserProcess API as a substitue for the typical Win32 CreateProcess API. This post will build upon Meelo’s, so I highly encourage you to read it first.
TL;DR, this code (not counting…
TL;DR, this code (not counting…
SearchMap Information Collection Tool
https://reconshell.com/searchmap-information-collection-tool/
@NetPentesters
https://reconshell.com/searchmap-information-collection-tool/
@NetPentesters
Transferring Files over ICMP in Restricted Network Environments
https://icyguider.github.io/2022/02/01/Transferring-Files-Over-ICMP.html
@NetPentesters
https://icyguider.github.io/2022/02/01/Transferring-Files-Over-ICMP.html
@NetPentesters
[ How to Exploit Active Directory ACL Attack Paths Through LDAP Relaying Attacks ]
https://www.praetorian.com/blog/how-to-exploit-active-directory-acl-attack-paths-through-ldap-relaying-attacks/
#ad
#acl
#ldap
#relay
@NetPentesters
https://www.praetorian.com/blog/how-to-exploit-active-directory-acl-attack-paths-through-ldap-relaying-attacks/
#ad
#acl
#ldap
#relay
@NetPentesters
Praetorian
How to Exploit Active Directory ACL Attack Paths Through LDAP Relaying Attacks
Overview This article describes methods by which an attacker can induce a victim user into authenticating using the NT Lan Manager (NTLM) Authentication Protocol to an attacker-controlled “Intranet” site, even in instances where that site points to an external…
Tool to scan user data with neural networks
Octopii is an AI based user information scanner that uses Tesseract's Optical Character Recognition (OCR) and MobileNet's Convolutional Neural Network (CNN) model.
Allows you to detect various forms of government IDs, passports, debit cards, driver's licenses, photographs, signatures, etc.
https://github.com/redhuntlabs/Octopii
#redteam #leak
@NetPentesters
Octopii is an AI based user information scanner that uses Tesseract's Optical Character Recognition (OCR) and MobileNet's Convolutional Neural Network (CNN) model.
Allows you to detect various forms of government IDs, passports, debit cards, driver's licenses, photographs, signatures, etc.
https://github.com/redhuntlabs/Octopii
#redteam #leak
@NetPentesters
GitHub
GitHub - redhuntlabs/Octopii: An AI-powered Personal Identifiable Information (PII) scanner.
An AI-powered Personal Identifiable Information (PII) scanner. - redhuntlabs/Octopii
Maximizing BloodHound with a simple suite of tools
[Maximizing BloodHound with a simple suite of tools]
A set of console utilities for working with Bloodhound. Retrieve/update objects, mark objects as Owned/High Value Targets, delete objects, match shattered passwords (hashcat) with users, execute raw DB query...
https://github.com/knavesec/Max
#AD
#bloodhound
@NetPentesters
[Maximizing BloodHound with a simple suite of tools]
A set of console utilities for working with Bloodhound. Retrieve/update objects, mark objects as Owned/High Value Targets, delete objects, match shattered passwords (hashcat) with users, execute raw DB query...
https://github.com/knavesec/Max
#AD
#bloodhound
@NetPentesters
GitHub
GitHub - knavesec/Max: Maximizing BloodHound. Max is a good boy.
Maximizing BloodHound. Max is a good boy. Contribute to knavesec/Max development by creating an account on GitHub.
SMB Session Spoofing: create a fake SMB Session
https://securityonline.info/smb-session-spoofing-create-a-fake-smb-session/
#SMB
#spoofing
@NetPentesters
https://securityonline.info/smb-session-spoofing-create-a-fake-smb-session/
#SMB
#spoofing
@NetPentesters
VLAN attacks toolkit
The author has nothing to do with those who will use this tool for personal purposes to destroy other people's computer networks. The tools are presented for training purposes to help engineers improve the security of their network.
https://github.com/necreas1ng/VLANPWN
#VLAN
@NetPentesters
The author has nothing to do with those who will use this tool for personal purposes to destroy other people's computer networks. The tools are presented for training purposes to help engineers improve the security of their network.
https://github.com/necreas1ng/VLANPWN
#VLAN
@NetPentesters
Active-Directory-Purple-Teaming
This repository is aimed at sharing the cliff notes for performing Red Teaming of Active Directory System combined with Detection Engineering part of AD Attacks
https://github.com/MirHassanRiaz/Active-Directory-Purple-Teaming
#ad
@NetPentesters
This repository is aimed at sharing the cliff notes for performing Red Teaming of Active Directory System combined with Detection Engineering part of AD Attacks
https://github.com/MirHassanRiaz/Active-Directory-Purple-Teaming
#ad
@NetPentesters
CVE-2022-26937
Microsoft Windows Network File System NLM Portmap Stack Buffer Overflow
https://www.zerodayinitiative.com/blog/2022/6/7/cve-2022-26937-microsoft-windows-network-file-system-nlm-portmap-stack-buffer-overflow
#exploit
@NetPentesters
Microsoft Windows Network File System NLM Portmap Stack Buffer Overflow
https://www.zerodayinitiative.com/blog/2022/6/7/cve-2022-26937-microsoft-windows-network-file-system-nlm-portmap-stack-buffer-overflow
#exploit
@NetPentesters
Zero Day Initiative
Zero Day Initiative — CVE-2022-26937: Microsoft Windows Network File System NLM Portmap Stack Buffer Overflow
In this excerpt of a Trend Micro Vulnerability Research Service vulnerability report, Guy Lederfein and Jason McFadyen of the Trend Micro Research Team detail a recently patched code execution vulnerability in the Microsoft Windows operating system. The bug…
DNS_Tunneling
DNS Tunneling using powershell to download and execute a payload. Works in CLM.
https://github.com/Octoberfest7/DNS_Tunneling
@NetPentesters
DNS Tunneling using powershell to download and execute a payload. Works in CLM.
https://github.com/Octoberfest7/DNS_Tunneling
@NetPentesters
GitHub
GitHub - Octoberfest7/DNS_Tunneling: DNS Tunneling using powershell to download and execute a payload. Works in CLM.
DNS Tunneling using powershell to download and execute a payload. Works in CLM. - Octoberfest7/DNS_Tunneling
Cloud penetration testing
A curateinfrastrucd list of cloud pentesting resource, contains AWS, Azure, Google Cloud
https://github.com/kh4sh3i/cloud-penetration-testing
#Cloud
@NetPentesters
A curateinfrastrucd list of cloud pentesting resource, contains AWS, Azure, Google Cloud
https://github.com/kh4sh3i/cloud-penetration-testing
#Cloud
@NetPentesters
GitHub
GitHub - kh4sh3i/cloud-penetration-testing: A curated list of cloud pentesting resource, contains AWS, Azure, Google Cloud
A curated list of cloud pentesting resource, contains AWS, Azure, Google Cloud - kh4sh3i/cloud-penetration-testing
Aced
Aced is a tool to parse and resolve a single targeted Active Directory principal's DACL. Aced will identify interesting inbound access allowed privileges against the targeted account, resolve the SIDS of the inbound permissions, and present that data to the operator.
Additionally, the logging features of pyldapsearch have been integrated with Aced to log the targeted principal's LDAP attributes locally which can then be parsed by pyldapsearch's companion tool BOFHound to ingest the collected data into BloodHound.
https://github.com/garrettfoster13/aced
#ad
#tools
@NetPentesters
Aced is a tool to parse and resolve a single targeted Active Directory principal's DACL. Aced will identify interesting inbound access allowed privileges against the targeted account, resolve the SIDS of the inbound permissions, and present that data to the operator.
Additionally, the logging features of pyldapsearch have been integrated with Aced to log the targeted principal's LDAP attributes locally which can then be parsed by pyldapsearch's companion tool BOFHound to ingest the collected data into BloodHound.
https://github.com/garrettfoster13/aced
#ad
#tools
@NetPentesters