Lateral movement in penetration test activity, 2023
During Red Team assessments, after a compromise has been done, attackers tend to laterally move through the network gaining more relevant information on other systems. This lateral movement is possible through the use of many binaries/services/processes. In this article we will be solely focusing on Lateral Movement using Remote Services, i.e., services that can help in code/command execution on remote systems by taking in valid set of credentials. Oftentimes, same set of credentials are used within organization and this type of lateral movement becomes very easy and effective.
MITRE TACTIC: Lateral Movement (TA0008)
MITRE TECHNIQUE ID: T1021 (Remote Services)
SUBTITLE: Multiple Titles
(T1021.001, T1021.002, T1021.003, T1021.004, T1021.005, T1021.006)
#pentest
During Red Team assessments, after a compromise has been done, attackers tend to laterally move through the network gaining more relevant information on other systems. This lateral movement is possible through the use of many binaries/services/processes. In this article we will be solely focusing on Lateral Movement using Remote Services, i.e., services that can help in code/command execution on remote systems by taking in valid set of credentials. Oftentimes, same set of credentials are used within organization and this type of lateral movement becomes very easy and effective.
MITRE TACTIC: Lateral Movement (TA0008)
MITRE TECHNIQUE ID: T1021 (Remote Services)
SUBTITLE: Multiple Titles
(T1021.001, T1021.002, T1021.003, T1021.004, T1021.005, T1021.006)
#pentest
👍5
Lateral_Movement_Pentest_Sample_2023.pdf
3.5 MB
Lateral movement in penetration test activity, 2023
👍2🤔1
Forwarded from CyberSecBastion
DevOps threat matrix by Microsoft, 2023
Our goal for developing the threat matrix for DevOps is to build a comprehensive knowledgebase that defenders can use to keep track of and build defenses against relevant attack techniques. Using the MITRE ATT&CK framework as a base, we collected techniques and attack vectors associated with DevOps environments and created a matrix dedicated to DevOps attack methods.
Source
#VendorInfo
Our goal for developing the threat matrix for DevOps is to build a comprehensive knowledgebase that defenders can use to keep track of and build defenses against relevant attack techniques. Using the MITRE ATT&CK framework as a base, we collected techniques and attack vectors associated with DevOps environments and created a matrix dedicated to DevOps attack methods.
Source
#VendorInfo
👍5
Ways to Get a Free PVS-Studio (SAST) License
There are several ways to get a free license of the PVS-Studio static code analyzer, which is meant for searching for errors and potential vulnerabilities. Open source projects, small closed projects, public security specialists and owners of the Microsoft MVP status can use the license for free. The article briefly describes each of these options
Source
Extra
For security expert
For pet project
#hacktool #AppSec
There are several ways to get a free license of the PVS-Studio static code analyzer, which is meant for searching for errors and potential vulnerabilities. Open source projects, small closed projects, public security specialists and owners of the Microsoft MVP status can use the license for free. The article briefly describes each of these options
Source
Extra
For security expert
For pet project
#hacktool #AppSec
🤔2🎉1
Energy Consumption of Post Quantum Cryptography: Dilithium and Kyber Beat Our Existing TLS 1.3 Performance
Интересная статья по поводу использования квантовых машин для вычисления ключей, которые сегодня считаются стойкими, например, тот же TLS 1.3
Американский институт NIST готовит документы и алгоритмы Kyber и Dilithium для обеспечения криптостойкости ключей в пост-квантовую эпоху.
Source
#crypto
Интересная статья по поводу использования квантовых машин для вычисления ключей, которые сегодня считаются стойкими, например, тот же TLS 1.3
Американский институт NIST готовит документы и алгоритмы Kyber и Dilithium для обеспечения криптостойкости ключей в пост-квантовую эпоху.
Source
#crypto
🤔3
This media is not supported in your browser
VIEW IN TELEGRAM
Mythic
A cross-platform, post-exploit, red teaming framework built with python3, docker, docker-compose, and a web browser UI. It’s designed to provide a collaborative and user friendly interface for operators, managers, and reporting throughout red teaming.
Mythic is written by Cody Thomas and its a highly flexible and customizable open-source command-and-control (C2) framework that is designed to be used by red teamers and penetration testers. The framework provides a comprehensive platform for managing and controlling remote agents that can be used to perform various tasks, such as reconnaissance, exploitation, and post-exploitation activities.
Source
#hacktool
A cross-platform, post-exploit, red teaming framework built with python3, docker, docker-compose, and a web browser UI. It’s designed to provide a collaborative and user friendly interface for operators, managers, and reporting throughout red teaming.
Mythic is written by Cody Thomas and its a highly flexible and customizable open-source command-and-control (C2) framework that is designed to be used by red teamers and penetration testers. The framework provides a comprehensive platform for managing and controlling remote agents that can be used to perform various tasks, such as reconnaissance, exploitation, and post-exploitation activities.
Source
#hacktool
🔥4👍3
Disabling Intel’s Backdoors On Modern Laptops
Because you are hacked at the moment you power on the computer and connect it.
connected=hacked
У кого материнки от Intel гасите эту опцию пока не поздно
Source
#
Because you are hacked at the moment you power on the computer and connect it.
connected=hacked
У кого материнки от Intel гасите эту опцию пока не поздно
Source
#
😱3❤2
Pivoting over WiFi: WPA PSK
Наглядка от гуру хЭка. Ломят Wi-Fi и крепятся в системе надолго..
#pentest
Наглядка от гуру хЭка. Ломят Wi-Fi и крепятся в системе надолго..
#pentest
👍4
Vulmap scanner
Vulmap is an open-source online local vulnerability scanner project. It consists of online local vulnerability scanning programs for Windows and Linux operating systems. These noscripts can be used for defensive and offensive purposes. It is possible to make vulnerability assessments using these noscripts. Also, they can be used for privilege escalation by pentesters/red teamers.
GitHub
#hacktool
Vulmap is an open-source online local vulnerability scanner project. It consists of online local vulnerability scanning programs for Windows and Linux operating systems. These noscripts can be used for defensive and offensive purposes. It is possible to make vulnerability assessments using these noscripts. Also, they can be used for privilege escalation by pentesters/red teamers.
GitHub
#hacktool
👏6🤔1
Nmap for pentesters. Cracking Passwords Mini Guide
The Nmap Scripting Engine (NSE) is one of Nmap’s most powerful and flexible features. It allows users to write (and share) simple noscripts to automate a wide variety of networking tasks. Those noscripts are then executed in parallel with the speed and efficiency you expect from Nmap. The core of the Nmap Scripting Engine is an embeddable Lua interpreter. The second part of the Nmap Scripting Engine is the NSE Library, which connects Lua and Nmap.
NSE noscripts define a list of categories that they belong to. Currently defined categories are auth, broadcast, brute, default. discovery, dos, exploit, external, fuzzer, intrusive, malware, safe, version, and
vuln.
Nmap contains noscripts for brute-forcing dozens of protocols, including HTTP-brute, Oracle-brute, SNMP-brute, etc.
#pentest
The Nmap Scripting Engine (NSE) is one of Nmap’s most powerful and flexible features. It allows users to write (and share) simple noscripts to automate a wide variety of networking tasks. Those noscripts are then executed in parallel with the speed and efficiency you expect from Nmap. The core of the Nmap Scripting Engine is an embeddable Lua interpreter. The second part of the Nmap Scripting Engine is the NSE Library, which connects Lua and Nmap.
NSE noscripts define a list of categories that they belong to. Currently defined categories are auth, broadcast, brute, default. discovery, dos, exploit, external, fuzzer, intrusive, malware, safe, version, and
vuln.
Nmap contains noscripts for brute-forcing dozens of protocols, including HTTP-brute, Oracle-brute, SNMP-brute, etc.
#pentest
👍3
Physical Penetration Test Resources by CSbyGB, Gabrielle B.
🌟 My story about one of the most thrilling pentest that I made
http://ow.ly/p09850NKsH9
👉 𝗪𝗛𝗔𝗧 𝗜𝗦 𝗣𝗛𝗬𝗦𝗜𝗖𝗔𝗟 𝗣𝗘𝗡𝗧𝗘𝗦𝗧
🌟 CRPPL Quick Training by Joas Antonio
http://ow.ly/CfzQ50NKsHe
🌟 Physical Penetration Testing: Pretty much everything you need to know on Redlegg
http://ow.ly/v29R50NKsHm
🌟 How to get into Physical Penetration Testing by HoodiePoney
http://ow.ly/q9wo50NKsHp
🌟 6 Best practices for performing Physical Penetration Tests by Daniel Wood on Darkreading
http://ow.ly/vvA250NKsHk
🌟 13 physical penetration testing methods that actually work
http://ow.ly/lCFN50NKsH5
🌟 Physical Pentesting in red team assessment by Eduardo Arriols
http://ow.ly/cQY750NKsHj
👉 𝗘𝗫𝗣𝗘𝗥𝗧𝗦 𝗧𝗔𝗟𝗞 𝗔𝗕𝗢𝗨𝗧 𝗜𝗧
🌟 Tactics of Physical Pentesters by FreeCodeCamp
http://ow.ly/Ow7o50NKsHo
#useful
🌟 My story about one of the most thrilling pentest that I made
http://ow.ly/p09850NKsH9
👉 𝗪𝗛𝗔𝗧 𝗜𝗦 𝗣𝗛𝗬𝗦𝗜𝗖𝗔𝗟 𝗣𝗘𝗡𝗧𝗘𝗦𝗧
🌟 CRPPL Quick Training by Joas Antonio
http://ow.ly/CfzQ50NKsHe
🌟 Physical Penetration Testing: Pretty much everything you need to know on Redlegg
http://ow.ly/v29R50NKsHm
🌟 How to get into Physical Penetration Testing by HoodiePoney
http://ow.ly/q9wo50NKsHp
🌟 6 Best practices for performing Physical Penetration Tests by Daniel Wood on Darkreading
http://ow.ly/vvA250NKsHk
🌟 13 physical penetration testing methods that actually work
http://ow.ly/lCFN50NKsH5
🌟 Physical Pentesting in red team assessment by Eduardo Arriols
http://ow.ly/cQY750NKsHj
👉 𝗘𝗫𝗣𝗘𝗥𝗧𝗦 𝗧𝗔𝗟𝗞 𝗔𝗕𝗢𝗨𝗧 𝗜𝗧
🌟 Tactics of Physical Pentesters by FreeCodeCamp
http://ow.ly/Ow7o50NKsHo
#useful
🔥5👍2
🌟 SANS Webcast Physical Security Everything that’s wrong with your typical door by Deviant Ollam
http://ow.ly/X4JO50NKsHc
🌟 How do red teams legally break into banks on Truesec with Stök and Fabio Viggiani
http://ow.ly/HTzr50NKsHb
👉 𝗧𝗢𝗢𝗟𝗦 𝗔𝗡𝗗 𝗧𝗘𝗖𝗛𝗡𝗜𝗤𝗨𝗘𝗦
🌟 Physical Security Toolkit
http://ow.ly/cGIv50NKsHi
🌟 P5 - The public physical pentesting paraphernalia project by stensjoberg
http://ow.ly/8y6G50NKsHh
🌟 The Open Organisation of Lockpickers
http://ow.ly/VaUL50NKsH3
🌟 Exploring the uncharted backwaters of HID iCLASS security by Milosch Meriac
http://ow.ly/x6Kq50NKsHa
👉 𝗖𝗢𝗠𝗠𝗨𝗡𝗜𝗧𝗬
🌟 Physical Security Village
http://ow.ly/Xk4t50NKsH8
🌟 Physical Security Village Resources
http://ow.ly/J4xw50NKsHl
#useful
http://ow.ly/X4JO50NKsHc
🌟 How do red teams legally break into banks on Truesec with Stök and Fabio Viggiani
http://ow.ly/HTzr50NKsHb
👉 𝗧𝗢𝗢𝗟𝗦 𝗔𝗡𝗗 𝗧𝗘𝗖𝗛𝗡𝗜𝗤𝗨𝗘𝗦
🌟 Physical Security Toolkit
http://ow.ly/cGIv50NKsHi
🌟 P5 - The public physical pentesting paraphernalia project by stensjoberg
http://ow.ly/8y6G50NKsHh
🌟 The Open Organisation of Lockpickers
http://ow.ly/VaUL50NKsH3
🌟 Exploring the uncharted backwaters of HID iCLASS security by Milosch Meriac
http://ow.ly/x6Kq50NKsHa
👉 𝗖𝗢𝗠𝗠𝗨𝗡𝗜𝗧𝗬
🌟 Physical Security Village
http://ow.ly/Xk4t50NKsH8
🌟 Physical Security Village Resources
http://ow.ly/J4xw50NKsHl
#useful
🔥6