SoheilSec
CVE-2024-49112 is a Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This critical vulnerability has been assigned a CVSS score of 9.8, indicating a high impact on confidentiality, integrity, and availability (C:H/I:H/A:H).…
This media is not supported in your browser
VIEW IN TELEGRAM
PoC:
https://github.com/SafeBreach-Labs/CVE-2024-49113
Blog: https://www.safebreach.com/blog/ldapnightmare-safebreach-labs-publishes-first-proof-of-concept-exploit-for-CVE-2024-49113/
https://github.com/SafeBreach-Labs/CVE-2024-49113
Blog: https://www.safebreach.com/blog/ldapnightmare-safebreach-labs-publishes-first-proof-of-concept-exploit-for-CVE-2024-49113/
👌6❤1👍1
3 takeaways from red teaming 100 generative AI products
https://www.microsoft.com/en-us/security/blog/2025/01/13/3-takeaways-from-red-teaming-100-generative-ai-products/
https://www.microsoft.com/en-us/security/blog/2025/01/13/3-takeaways-from-red-teaming-100-generative-ai-products/
Microsoft News
3 takeaways from red teaming 100 generative AI products
The growing sophistication of AI systems and Microsoft’s increasing investment in AI have made red teaming more important than ever. Learn more.
👍2👌2
Forwarded from Peneter Tools (Soheil Hashemi)
POC exploit for CVE-2024-49138
https://github.com/MrAle98/CVE-2024-49138-POC
https://github.com/MrAle98/CVE-2024-49138-POC
GitHub
GitHub - MrAle98/CVE-2024-49138-POC: POC exploit for CVE-2024-49138
POC exploit for CVE-2024-49138. Contribute to MrAle98/CVE-2024-49138-POC development by creating an account on GitHub.
❤6
NSA Jointly Releases Recommendations for Closing the Software Understanding Gap
https://www.nsa.gov/Press-Room/Press-Releases-Statements/Press-Release-View/Article/4031718/nsa-jointly-releases-recommendations-for-closing-the-software-understanding-gap/
https://www.nsa.gov/Press-Room/Press-Releases-Statements/Press-Release-View/Article/4031718/nsa-jointly-releases-recommendations-for-closing-the-software-understanding-gap/
National Security Agency/Central Security Service
NSA Jointly Releases Recommendations for Closing the Software Understa
FORT MEADE, Md. – A report released by the National Security Agency (NSA), the Cybersecurity and Infrastructure Agency (CISA), the Defense Advanced Research Projects Agency (DARPA), and the
❤1
ETW Threat Intelligence and Hardware Breakpoints
https://www.praetorian.com/blog/etw-threat-intelligence-and-hardware-breakpoints/
https://github.com/rad9800/hwbp4mw
https://www.praetorian.com/blog/etw-threat-intelligence-and-hardware-breakpoints/
https://github.com/rad9800/hwbp4mw
Praetorian
ETW Threat Intelligence and Hardware Breakpoints
Learn to bypass EDR detection using NtContinue for hardware breakpoints without triggering ETW Threat Intelligence. This technical blog explores kernel debugging, debug registers, and EDR evasion with code examples.
به نظر میرسه لیک NightHawkC2 واقعی است و احتمال میره سورس کد آن به سرقت رفته باشه
این c2 جزو نسخههای commercial c2 matrix هست و محصول شرکت mdsec میباشد.
https://x.com/deadvolvo/status/1882455367864770970?t=opQIfMzaGUZ2sybw9qU1pw&s=19
این c2 جزو نسخههای commercial c2 matrix هست و محصول شرکت mdsec میباشد.
https://x.com/deadvolvo/status/1882455367864770970?t=opQIfMzaGUZ2sybw9qU1pw&s=19
👍9
summary of the changes to SMB signing enforcement defaults in Windows Server 2025 and Windows 11 24H2:
https://www.dsinternals.com/en/smb-signing-windows-server-2025-client-11-24h2-defaults/
https://www.dsinternals.com/en/smb-signing-windows-server-2025-client-11-24h2-defaults/
👍3❤1
Forwarded from Peneter.com
Professional.Red.Teaming_Chapter_9.pdf
697.1 KB
کتاب: تیم قرمز حرفهای 📕
فصل نهم: تیم قرمز ضد APT
فهرست مطالب
تیم CAPTR
تحلیل بدترین حالت ممکن و تعیین محدوده 148
چشمانداز اولیه حیاتی 149
زنجیره انتقال معکوس 149
تقابل 150
روز صفر 150
تهدیدات داخلی 153
بهرهوری 154
ریسک تحمیل شده 155
معایب 156
خلاصه فصل نهم 158
فصل نهم: تیم قرمز ضد APT
فهرست مطالب
تیم CAPTR
تحلیل بدترین حالت ممکن و تعیین محدوده 148
چشمانداز اولیه حیاتی 149
زنجیره انتقال معکوس 149
تقابل 150
روز صفر 150
تهدیدات داخلی 153
بهرهوری 154
ریسک تحمیل شده 155
معایب 156
خلاصه فصل نهم 158
❤4👍1
The January 2025 Cumulative Update introduced some very interesting changes to Event IDs 4768 and 4769. Several new fields were added that provide visibility into Kerberos authentication details. Previously, one of the only options to collect this data was to perform a network packet capture. Check out the indicator for impacket's getTGT and Rubeus' default asktgt command.
Credit : https://www.linkedin.com/in/odonnell-ryan
Credit : https://www.linkedin.com/in/odonnell-ryan