Incident Response Cheatsheet Linux and Windows.pdf
4.4 MB
Incident response cheat sheet for Windows and Linux, 2023
Linux privilege escalation. Writable password file, 2023
This post covers various techniques for modifying the /etc/passwd file to create or modify a user with root rights. Once the target has been compromised, it is often necessary to know how to edit your own user entry inside the /etc/passwd file for privilege escalation on the machine.
#pentest #linux
TCP vs. UDP 7 Differences You Should Know.pdf
801.2 KB
TCP vs. UDP: 7 Differences You Should Know
Defense Evasion. Hide Artifacts (MITRE ID: T1564)
An artifact can simply be defined as an important system file, a category that includes documentation, test plans, images, and even some executable modules. Operating systems have a feature to hide these artifacts in order to avoid disrupting user work environments and to prevent users from changing files or features on the system.
However, an attacker can abuse this functionality to carry out malicious intent by hiding artifacts, which provides a clear path to evade detection. Let’s try to understand the above statement by taking a simple example. Once the attacker has his payload hidden, he can use it for his malicious purposes by tricking the system administrator.
With that said, let’s have a look at the various approaches that attackers take to conceal their presence.
#pentest