Mandiant Azure AD Investigator:
PowerShell module for detecting artifacts that may be indicators of UNC2452 and other threat actor activity
https://github.com/mandiant/Mandiant-Azure-AD-Investigator
#Cloud
#AD
#Azure
#PowerShell
@NetPentesters
Azure Security Resources and Notes
https://github.com/rootsecdev/Azure-Red-Team
#Cloud
#Azure
#RedTeam
@NetPentesters
Active Directory security check in seconds
The PingCastle tool allows you to perform more than 100K AD security checks, without installation, administration or sending data "to the cloud", while generating a convenient report. Some of the checks include potential risks, so there may be occasional false positives.
https://github.com/vletoux/pingcastle
#redteam
#ad
@NetPentesters
GitHub - netwrix/pingcastle: PingCastle - Get Active Directory Security at 80% in 20% of the time
Checking out Azure AD cross tenant access policies
https://goodworkaround.com/2022/01/12/checking-out-azure-ad-cross-tenant-access-policies
]-> Terraform Azure IP Ranges module:
https://github.com/goodworkaround/tfazureipranges
#Cloud
#Azure
#AD
@NetPentesters
Good Workaround!
So, as one does, I was checking out the different Microsoft Graph AppRoles, which are the application scopes available. And then I found this: Now, I know cross tenant access is something Microsoft …
Identify privilege escalation paths within and across different clouds/SaaS
https://github.com/carlospolop/PurplePanda
#tools
#Cloud
#Privilege
@NetPentesters
Persistence with Azure Policy Guest Configuration
https://cloudbrothers.info/en/azure-persistence-azure-policy-guest-configuration
#Cloud
#Azure
@NetPentesters
cloudbrothers.info
Azure Policy enables administrators to define, enforce and remediate configuration standards on Azure resources and, using Azure Arc, even on non-Azure assets. One key feature, released in 2021, is the guest configuration feature of Azure Policy.
RDWArecon: A Python script to extract information from a Microsoft Remote Desktop Web Access (RDWA) application
https://github.com/p0dalirius/RDWArecon
#Microsoft
#python
@NetPentesters
GitHub - p0dalirius/RDWAtool: A Python script to extract information from a Microsoft Remote Desktop Web Access (RDWA) application
Software Defined Radio:
Building a Cellphone IMSI Catcher (Stingray)
https://www-hackers--arise-com.cdn.ampproject.org/c/s/www.hackers-arise.com/amp/software-defined-radio-part-6-building-a-imsi-catcher-stingray
@NetPentesters
MITRE Cyber Analytics Repository (CAR)
https://car.mitre.org
]-> https://github.com/mitre-attack/car
#Mitre
@NetPentesters
Cisco RV340 SSL VPN Unauthenticated RCE as root
https://github.com/rdomanski/Exploits_and_Advisories/blob/master/advisories/Pwn2Own/Austin2021/flashback_connects/flashback_connects.md
#Exploit
#Cisco
@NetPentesters
2022 VMware Threat Report - Exposing Malware in Linux-based Multi-Cloud Environments
https://blogs.vmware.com/security/2022/02/2022-vmware-threat-report-exposing-malware-in-linux-based-multi-cloud-environments.html
#cloud
#malware
@NetPentesters
VMware Security Blog
VMware Threat Analysis Unit (TAU) releases "Exposing Malware in Linux-Based Multi-Cloud Environments". The report examines the unique characteristics of this class of threats and provides guidance on how to defend against these threats.
A small library to alter AWS API requests
https://github.com/Frichetten/aws_api_shapeshifter
#Cloud
#API
#AWS
@NetPentesters
GitHub - Frichetten/aws_api_shapeshifter: A small library to alter AWS API requests; Used for fuzzing research
Stealing and faking Azure AD device identities
https://o365blog.com/post/deviceidentity
#Cloud
#AD
@NetPentesters
Hacking AWS Cognito Misconfiguration to Zero Click Account Takeover
https://infosecwriteups.com/hacking-aws-cognito-misconfiguration-to-zero-click-account-takeover-36a209a0bd8a
#AWS
#Cloud
@NetPentesters
How to Use Kubesploit & KubiScan to Improve Cloud Native Security
https://www.conjur.org/blog/tutorial-kubernetes-vulnerability-scanning-testing-with-open-source
#Cloud
#Security
@NetPentesters
Daxin: Stealthy Backdoor Designed for Attacks Against Hardened Networks
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage
#malware
#Backdoor
@NetPentesters
Espionage tool is the most advanced piece of malware Symantec researchers have seen from China-linked actors.
MITM-cheatsheet:
All MITM attacks in one place
https://github.com/frostbits-security/MITM-cheatsheet
#MITM
#Cheatsheet
#attack
@NetPentesters
A fast enumeration tool for Windows AD Pentesting
https://github.com/AidenPearce369/ADReaper
#Tools
#AD
@NetPentesters
GitHub - m0n1x90/ADReaper: A fast enumeration tool for Windows Active Directory Pentesting written in Go
Learning Linux kernel exploitation
Part 1 - Laying the groundwork
https://0x434b.dev/dabbling-with-linux-kernel-exploitation-ctf-challenges-to-learn-the-ropes
#linux
@NetPentesters
Low-level adventures
Disclaimer: This post will cover basic steps to accomplish a privilege escalation based on a vulnerable driver. The basis for this introduction will be a challenge from the hxp2020 CTF called "kernel-rop". There's (obviously) write…
The 8KB bypass in Google Cloud Platform WAF
https://kloudle.com/blog/piercing-the-cloud-armor-the-8kb-bypass-in-google-cloud-platform-waf
#Cloud
#WAF
@NetPentesters
Kloudle
Piercing the Cloud Armor: Exploiting the 8KB Bypass in Google Cloud Platform WAF
A detailed analysis of a critical security vulnerability in Google Cloud Platform's Web Application Firewall (WAF) that allows bypassing protection through an 8KB payload technique. Learn about the technical details, implications, and mitigation strategies.
Vajra is a UI-based tool with multiple techniques for attacking/enumerating in the target's Azure environment
https://github.com/TROUBLE-1/Vajra
#Azure
#Tools
@NetPentesters
Vajra is a UI-based tool with multiple techniques for attacking and enumerating in the target's Azure and AWS environment. It features an intuitive web-based user interface built with the P...