راهنمای_جامع_ابزار_Mimikatz_راهنمای_هکرها.pdf
4.4 MB
A friend took the trouble of collecting the commands. I went through this PDF and it has some good points.
I recommend you definitely read it and make an md for yourself; it comes in handy on projects. On the topic of bypassing, the blog below can give you some insight.
https://s3cur3th1ssh1t.github.io/Building-a-custom-Mimikatz-binary/
⭕️ | Comprehensive Guide to the Mimikatz Tool
This book examines the Mimikatz tool, which is used to extract passwords, hashes and access tokens from system memory. In this book you will get to know Mimikatz techniques from basic to advanced, including credential extraction, bypassing security mechanisms and privilege escalation. It also covers examples of real attacks that used Mimikatz and how to defend against this tool.
Bypassing Detections with Command-Line Obfuscation
https://www.wietzebeukema.nl/blog/bypassing-detections-with-command-line-obfuscation
Fileless lateral movement with trapped COM objects
https://www.ibm.com/think/news/fileless-lateral-movement-trapped-com-objects
poc :
https://github.com/xforcered/ForsHops
New research from IBM X-Force Red has led to the development of a proof-of-concept fileless lateral movement technique by abusing trapped Component Object Model (COM) objects. Get the details.
This webinar was held last night. It didn't cover any very special techniques, but as a red teamer or pentester you need to know these, especially if IA is from a client system.
https://youtu.be/EG2Mbw2DVnU?si=_BRndxfQuvRodPjo
Presentation slides:
https://www.slideshare.net/slideshow/windows-client-privilege-escalation-shared-pptx/277239036
If you want a lab for testing, you can use this repo; it sets up the environment for you.
https://github.com/nickvourd/Windows-Local-Privilege-Escalation-Cookbook
Webinar - Windows Client Privilege Escalation
Learn the secrets of Windows client privilege escalation during our next webinar! We’ll take a deep dive into the processes and powerful techniques that will enhance your penetration testing and red teaming skills.
During this session, we will cover:
-Essential…
They should come to Iran for a course to learn how to pull off a clean job 🤔
https://www.bleepingcomputer.com/news/security/oracle-customers-confirm-data-stolen-in-alleged-cloud-breach-is-valid/
RemoteMonologue - A Windows credential harvesting attack that leverages the Interactive User RunAs key and coerces NTLM authentications via DCOM. Remotely compromise users without moving laterally or touching LSASS.
https://www.ibm.com/think/x-force/remotemonologue-weaponizing-dcom-ntlm-authentication-coercions#1
https://github.com/xforcered/RemoteMonologue
RemoteMonologue: Weaponizing DCOM for NTLM authentication coercions | IBM
The IBM X-Force Red team covers the fundamentals of COM and DCOM, dives into the RunAs setting and why authentication coercions are impactful and introduces a new credential harvesting tool.
You have got a valid NTLM relay but SMB and LDAP are signed, LDAPS has got Channel Binding and ESC8 is not available... What about WinRMS ?
Don't forget to patch your WinRMS' configurations if you enabled the default one!!
Blog:https://sensepost.com/blog/2025/is-tls-more-secure-the-winrms-case./
Tool:https://github.com/fortra/impacket/pull/1947
At this week’s Microsoft BlueHat IL conference, Benjamin Delpy - widely respected for his work with Mimikatz - delivered what appears to be the first industry leak of Mimikatz 3.0.0 in a live demo. For those of us who have used Mimikatz extensively, this update is particularly intriguing. Delpy made it clear from the outset that this version won’t be publicly released anytime soon - a move that suggests significant shifts ahead.
Bypassing UAC via Intel ShaderCache Directory
https://g3tsyst3m.github.io/uac%20bypass/Bypass-UAC-via-Intel-ShaderCache/
I’ll readily admit my discord server inspired this most recent research into a sort of newly discovered UAC bypass! 😸 I see a lot of convos in the discord server about privilege escalation and I got the itch to research more new-ish UAC bypass methods. I…
Cloak and Firewall: Exposing Netsh’s Hidden Command Tricks
https://www.splunk.com/en_us/blog/security/netsh-firewall-evasion-techniques.html
BadSuccessor attack - a novel Active Directory privilege escalation technique that abuses a vulnerability in a feature introduced in Windows Server 2025.
https://www.akamai.com/blog/security-research/abusing-dmsa-for-privilege-escalation-in-active-directory
https://github.com/GhostPack/Rubeus/pull/194
https://github.com/akamai/BadSuccessor
BadSuccessor: Abusing dMSA to Escalate Privileges in Active Directory
Akamai researchers found a privilege escalation vulnerability in Windows Server 2025 that allows attackers to compromise any user in Active Directory.
Forwarded from Peneter Tools (Soheil)
BadSuccessor ports:
Powershell : https://github.com/LuemmelSec/Pentest-Tools-Collection/blob/main/tools/ActiveDirectory/BadSuccessor.ps1
Python: https://github.com/cybrly/badsuccessor
.Net : https://github.com/logangoins/SharpSuccessor
added to
nxc : https://github.com/Pennyw0rth/NetExec
bloodyAD : https://github.com/CravateRouge/bloodyAD
C2 Redirectors: Advanced Infrastructure for Modern Red Team Operations
https://xbz0n.sh/blog/c2-redirectors
Let's talk about Command and Control (C2) infrastructure. It's the backbone of any red team operation, letting you talk to your implants in target environmen...