Learn more about how to safeguard your company through our educational blog posts on everything from updated tech to the newest scams infiltrating organizations today.

a.k.a how a convenience feature undermined a security feature

The Data Protection API (DPAPI) provided by Windows is a way of protecting secrets used by a lot of popular software solutions, most famously by Google Chrome when storing passwords and cookies. A lot has been said recently about the security of this API…

PowerShell Runspace Post Exploitation Toolkit. Contribute to Cn33liz/p0wnedShell development by creating an account on GitHub.

PowerShell oneliner to retrieve wdigest passwords from the memory - giMini/mimiDbg

Cloud and SaaS offerings have accelerated the need to understand Golden Ticket Attacks and Single Sign-On issues, as well as the ways to quickly solve these problems at scale

This is a major feature release for BloodHound, introducing several new features, optimizations, and bugfixes. For a full changelog, see the blog post at https://blog.cptjesus.com/posts/bloodhound2...

This blog contains a very quick and dirty way to disable AMSI in the context of Windows Scripting Host which doesn't require admin privilege...

A pattern for a self-installing Windows service in C# with the unstoppable attributes in C#. - malcomvetter/UnstoppableService

Driver loader for bypassing Windows x64 Driver Signature Enforcement - hfiref0x/TDL

All materials from our Black Hat 2018 "Subverting Sysmon" talk - mattifestation/BHUSA2018_Sysmon

An implementation of PSExec in C#. Contribute to malcomvetter/CSExec development by creating an account on GitHub.

Demo of ADRecon presented on 08th and 12th August at BlackHat USA 2018 Arsenal and DEF CON 26 Demo Labs. https://www.blackhat.com/us-18/arsenal/schedule/index.…

Ps1jacker is a tool for generating COM Hijacking payload. - GitHub - cybercitizen7/Ps1jacker: Ps1jacker is a tool for generating COM Hijacking payload.