😈 [ 0xdf_, 0xdf ]
Timing from @hackthebox_eu had LFI, directory traversal, a side channel/timing attack, a mass assignment vulnerability, LFI+upload = RCE, and a custom downloader to exploit, all on the way to root.
https://t.co/QHYKm3OnLU
🔗 https://0xdf.gitlab.io/2022/06/04/htb-timing.html
🐥 [ tweet ]
😈 [ hackinarticles, Hacking Articles ]
Process Ghosting Attack
https://t.co/DCcAxkRjDQ
#infosec #cybersecurity #cybersecuritytips #pentesting #oscp #redteam #informationsecurity #cissp #CyberSec #networking #networksecurity #CheatSheet #cyberattacks #security #vulnerabilities
🔗 https://www.hackingarticles.in/process-ghosting-attack/
🐥 [ tweet ]
😈 [ hackinarticles, Hacking Articles ]
Powercat for Pentester
https://t.co/irffdvbILa
#infosec #cybersecurity #cybersecuritytips #pentesting #oscp #redteam #informationsecurity #cissp #CyberSec #networking #networksecurity #CheatSheet #cyberattacks #security #vulnerabilities
🔗 https://www.hackingarticles.in/powercat-for-pentester/
🐥 [ tweet ]
😈 [ m3g9tr0n, Spiros Fraganastasis ]
Administrative tools and logon types
https://t.co/jGi99iBpvO
🔗 https://docs.microsoft.com/en-us/windows-server/identity/securing-privileged-access/reference-tools-logon-types
🐥 [ tweet ]
😈 [ c3rb3ru5d3d53c, ςεяβεяμs - мαℓωαяε яεsεαяςнεя ]
#Suricata #Signature for Confluence CVE-2022-26134 #exploit #poc
ATTACK Potential URI Template Injection
https://t.co/8mVZhciNqF
🔗 https://github.com/c3rb3ru5d3d53c/signatures/blob/master/signatures/attack/injection/template/template.suricata-6.0.5.rules
🐥 [ tweet ]
😈 [ an0n_r0, an0n ]
storing creds for a runas-like utility in a saved config file is a security mistake, even if the tool offers "seriously obfuscated encrypted" files. all we need is just hooking CreateProcessWithLogonW (hello to @fridadotre) and no worries about reversing proprietary encryptions.
🔗 https://gist.github.com/tothi/dd3bdd5d9f88ffcd32be15b2ce480aa6
🐥 [ tweet ]
😈 [ m3g9tr0n, Spiros Fraganastasis ]
Exploring data saved by Chrome/Edge/Any Chromium
https://t.co/5zAXvnmsa9 #dpapi
🔗 https://gist.github.com/jhoneill/e585bae781f3efa7ac1992b79e037713
🐥 [ tweet ]
😈 [ NinjaParanoid, Paranoid Ninja (Brute Ratel C4) ]
Hunting alertable threads for QAPC on existing processes, rop-gadgets, Stagers and start address spoofing for the upcoming BRc4 v1.1 release...
https://t.co/5GH2Nwnp74
🔗 https://www.youtube.com/watch?v=w8ictUBcCrM
🐥 [ tweet ]
😈 [ DirectoryRanger, DirectoryRanger ]
O365-Doppelganger. script to harvest credentials off of a user during a Red Team and get execution of a file from the user
https://t.co/0CpScve1sn
🔗 https://github.com/paranoidninja/O365-Doppelganger
🐥 [ tweet ]
😈 [ m3g9tr0n, Spiros Fraganastasis ]
Active Directory delegations inventory in Rust
https://t.co/qOoTA6X4yi
🔗 https://github.com/mtth-bfft/adeleg
🐥 [ tweet ]
😈 [ hackinarticles, Hacking Articles ]
MITRE ATT&CK: Initial Access
Credit https://t.co/wtfCJx9CMi
#infosec #cybersecurity #cybersecuritytips #pentesting #oscp #redteam #informationsecurity #cissp #CyberSec #networking #networksecurity #CheatSheet #cyberattacks #security #vulnerabilities
🔗 https://github.com/JPMinty/MindMaps/tree/master/MITRE%20ATT%26CK/PNG
🐥 [ tweet ]
😈 [ Tarlogic, Tarlogic ]
Vulnerability CVE-2022-26134 has compromised Atlassian @Confluence servers and data centers and, along the way, the security of a multitude of companies. Our colleague @TuLkHaXs analyzes the scale of the incident and how to neutralize it 👇
https://t.co/6k6ILkif0i
🔗 https://www.tarlogic.com/blog/cve-2022-26134-zero-day-vulnerability-affecting-atlassian-confluence/
🐥 [ tweet ]
😈 [ ReconOne_, ReconOne ]
GitHub Recon in Manual mode - Part 3 - Database
credits: techgaun/github-dorks
#recon #recontips #github #AttackSurface #bugbountytips #reconone #Database #gitrecon
🐥 [ tweet ]
😈 [ _wald0, Andy Robbins ]
This week I'm publishing a 3 post series on #Azure Managed Identity attack paths. Here's part 1, where we are looking at Automation Accounts:
https://t.co/gZ6QjGw6CE
Prior work by @kfosaaen, @inversecos, https://t.co/Eb8grvTeOm, and @cibrax
🔗 https://posts.specterops.io/82667d17187a
🔗 http://azsec.azurewebsites.net
🐥 [ tweet ]
😈 [ _JohnHammond, John Hammond is @ RSAC ]
Active Directory content will slowly trickle out on my YouTube channel over the next many days. We will build a local VM environment, stage out our domain at will with PowerShell, and bounce back and forth between "building" and "breaking" AD concepts
https://t.co/jHw7lS1St6
🔗 https://youtu.be/pKtDQtsubio
🐥 [ tweet ]
😈 [ DebugPrivilege, • ]
I can see that most people are familiar with AD and understand the enumeration piece of it through tools like PowerView, etc. However, how does this look from a code-level and network-level? My go-to tools are IDA and Wireshark to answer these types of questions.
🐥 [ tweet ]
😈 [ ReconOne_, ReconOne ]
Want to scan for the TOP Exploited Vulnerabilities according to CISA? Try this 👇
Credits: @pdiscoveryio
#nuclei #CISA #attacksurface #recon #reconone #bugbountytips #recontips
🐥 [ tweet ]
😈 [ SagieSec, Sagie Dulce ]
#RPCFirewall version 2.0 is out!
Watch this tutorial that shows how to set it up, and start protecting against various RPC attacks : #petitpotam, #psexec, #dcsync, #wmic and more...
New features:
✔️ Support RPC Filters.
✔️ RPC Firewall as a service
✔️ Monitor & protect new processes
✔️ "Status" command for detailed deployment info
✔️ Better resolution of source host and port
🔗 https://youtu.be/BNzfmYwkioY
🔗 https://github.com/zeronetworks/rpcfirewall
🐥 [ tweet ]
😈 [ DebugPrivilege, • ]
Alert when a group is added to a sensitive Active Directory group https://t.co/2oJmjthu8G
🔗 https://techcommunity.microsoft.com/t5/security-compliance-and-identity/alert-when-a-group-is-added-to-a-sensitive-active-directory/ba-p/3436868
🐥 [ tweet ]