😈 [ markrussinovich, Mark Russinovich ]
Check out my Microsoft Build interview with @sethjuarez on Azure Container Apps + Dapr, a big step in the evolution of serverless: https://t.co/mqla60UZFz
🔗 https://www.youtube.com/watch?v=dplT6YL66Mg
🐥 [ tweet ]
Check out my Microsoft Build interview with @sethjuarez on Azure Container Apps + Dapr, a big step in the evolution of serverless: https://t.co/mqla60UZFz
🔗 https://www.youtube.com/watch?v=dplT6YL66Mg
🐥 [ tweet ]
😈 [DirectoryRanger, DirectoryRanger]
ADeleg. Active Directory delegation management tool. It allows you to make a detailed inventory of delegations set up so far in a forest, along with their potential issues
https://t.co/sbqcK2mPHW
🔗 https://github.com/mtth-bfft/adeleg
🐥 [tweet]
ADeleg. Active Directory delegation management tool. It allows you to make a detailed inventory of delegations set up so far in a forest, along with their potential issues
https://t.co/sbqcK2mPHW
🔗 https://github.com/mtth-bfft/adeleg
🐥 [tweet]
😈 [DirectoryRanger, DirectoryRanger]
Offensive Windows IPC Internals, by @0xcsandker
Part 1: Named Pipes https://t.co/Ug3gPKZANi
Part 2: RPC https://t.co/cfgY8dTLTa
Part 3: ALPC https://t.co/avXPjhqml4
🔗 https://csandker.io/2021/01/10/Offensive-Windows-IPC-1-NamedPipes.html
🔗 https://csandker.io/2021/02/21/Offensive-Windows-IPC-2-RPC.html
🔗 https://csandker.io/2022/05/24/Offensive-Windows-IPC-3-ALPC.html
🐥 [tweet]
Offensive Windows IPC Internals, by @0xcsandker
Part 1: Named Pipes https://t.co/Ug3gPKZANi
Part 2: RPC https://t.co/cfgY8dTLTa
Part 3: ALPC https://t.co/avXPjhqml4
🔗 https://csandker.io/2021/01/10/Offensive-Windows-IPC-1-NamedPipes.html
🔗 https://csandker.io/2021/02/21/Offensive-Windows-IPC-2-RPC.html
🔗 https://csandker.io/2022/05/24/Offensive-Windows-IPC-3-ALPC.html
🐥 [tweet]
😈 [DirectoryRanger, DirectoryRanger]
Hunting for Active Directory Certificate Services Abuse, by @HeirhabarovT
https://t.co/adwuv53TOL
🔗 https://speakerdeck.com/heirhabarov/hunting-for-active-directory-certificate-services-abuse
🐥 [tweet]
Hunting for Active Directory Certificate Services Abuse, by @HeirhabarovT
https://t.co/adwuv53TOL
🔗 https://speakerdeck.com/heirhabarov/hunting-for-active-directory-certificate-services-abuse
🐥 [tweet]
😈 [cyb3rops, Florian Roth 🏝]
Remember, when you write #YARA rules for RTF files that "{\rtf" isn’t the header that you should look for, since the „f“ isn’t required by Microsoft Word to open the file
Better use:
uint32be(0) == 0x7B5C7274
which is "{\rt" at position 0
https://t.co/vzBbEcZJd1
🔗 https://furoner.wordpress.com/2017/07/06/analysis-of-new-rtf-malware-obfuscation-method/
🐥 [tweet]
Remember, when you write #YARA rules for RTF files that "{\rtf" isn’t the header that you should look for, since the „f“ isn’t required by Microsoft Word to open the file
Better use:
uint32be(0) == 0x7B5C7274
which is "{\rt" at position 0
https://t.co/vzBbEcZJd1
🔗 https://furoner.wordpress.com/2017/07/06/analysis-of-new-rtf-malware-obfuscation-method/
🐥 [tweet]
😈 [carlospolopm, carlospolop]
Weekly HackTricks links to learn about: Cache poisoning and cache deception, SNMP, and DDexec.
- https://t.co/uWw9s2bJPJ
- https://t.co/UxQjAM6gzZ
- https://t.co/vvR7kp409c
#hacktricks
🔗 https://book.hacktricks.xyz/pentesting-web/cache-deception
🔗 https://book.hacktricks.xyz/network-services-pentesting/pentesting-snmp
🔗 https://book.hacktricks.xyz/linux-hardening/bypass-bash-restrictions/ddexec
🐥 [tweet]
Weekly HackTricks links to learn about: Cache poisoning and cache deception, SNMP, and DDexec.
- https://t.co/uWw9s2bJPJ
- https://t.co/UxQjAM6gzZ
- https://t.co/vvR7kp409c
#hacktricks
🔗 https://book.hacktricks.xyz/pentesting-web/cache-deception
🔗 https://book.hacktricks.xyz/network-services-pentesting/pentesting-snmp
🔗 https://book.hacktricks.xyz/linux-hardening/bypass-bash-restrictions/ddexec
🐥 [tweet]
😈 [ albinowax, James Kettle ]
I've updated the Turbo Intruder documentation with some practical tips for long-running attacks. TLDR don't put five million responses in the table, you'll run out of RAM.
https://t.co/lhyH2hlOrn
🔗 https://portswigger.net/research/turbo-intruder-embracing-the-billion-request-attack
🐥 [ tweet ]
I've updated the Turbo Intruder documentation with some practical tips for long-running attacks. TLDR don't put five million responses in the table, you'll run out of RAM.
https://t.co/lhyH2hlOrn
🔗 https://portswigger.net/research/turbo-intruder-embracing-the-billion-request-attack
🐥 [ tweet ]
😈 [ Tarlogic, Tarlogic ]
The world grades everything. Students, restaurants and hotels, movies, books... #CyberSecurity couldn't be oblivious to this reality. That's why we have dedicated a post on our blog Ciber 4 All to the #CVSS framework.
https://t.co/rPbUFFuR7f
🔗 https://www.tarlogic.com/blog/cvss-scoring-it-vulnerabilities/
🐥 [ tweet ]
The world grades everything. Students, restaurants and hotels, movies, books... #CyberSecurity couldn't be oblivious to this reality. That's why we have dedicated a post on our blog Ciber 4 All to the #CVSS framework.
https://t.co/rPbUFFuR7f
🔗 https://www.tarlogic.com/blog/cvss-scoring-it-vulnerabilities/
🐥 [ tweet ]