Bloodhound walkthrough. A Tool for Many Tradecrafts
https://www.pentestpartners.com/security-blog/bloodhound-walkthrough-a-tool-for-many-tradecrafts
@WindowsHackingLibrary
https://www.pentestpartners.com/security-blog/bloodhound-walkthrough-a-tool-for-many-tradecrafts
@WindowsHackingLibrary
Pen Test Partners
Bloodhound walkthrough. A Tool for Many Tradecrafts | Pen Test Partners
A walkthrough on how to set up and use BloodHound BloodHound (https://github.com/BloodHoundAD/BloodHound) is an application used to visualize active directory environments. The front-end is built on electron and the back-end is a Neo4j database, the data…
Your Session Key is My Session Key: How to Retrieve the Session Key for Any Authentication
https://blog.preempt.com/your-session-key-is-my-session-key
@WindowsHackingLibrary
https://blog.preempt.com/your-session-key-is-my-session-key
@WindowsHackingLibrary
Visualizing BloodHound Data with PowerBI — Part 1
https://posts.specterops.io/visualizing-bloodhound-data-with-powerbi-part-1-ba8ea4908422
@WindowsHackingLibrary
https://posts.specterops.io/visualizing-bloodhound-data-with-powerbi-part-1-ba8ea4908422
@WindowsHackingLibrary
Medium
Visualizing BloodHound Data with PowerBI — Part 1
In this blog post, I’ll show you how you can use BloodHound data, the Cypher query language, and Microsoft’s PowerBI to create…
Coding a reliable CVE-2019-084 bypass
https://0x00-0x00.github.io/research/2019/05/30/Coding-a-reliable-CVE-2019-0841-Bypass.html
@WindowsHackingLibrary
https://0x00-0x00.github.io/research/2019/05/30/Coding-a-reliable-CVE-2019-0841-Bypass.html
@WindowsHackingLibrary
zc00l blog
Coding a reliable CVE-2019-084 bypass
Hi all. It’s been some time. I apologize for my absence, but I need to carry on with life and work and, sometimes, there’s no time for this blog.
Explaining the inner workings of AMSI and describing a new bypass technique
https://www.contextis.com/en/blog/amsi-bypass
@WindowsHackingLibrary
https://www.contextis.com/en/blog/amsi-bypass
@WindowsHackingLibrary
Heap Overflow Exploitation on Windows 10 Explained
https://blog.rapid7.com/2019/06/12/heap-overflow-exploitation-on-windows-10-explained
@WindowsHackingLibrary
https://blog.rapid7.com/2019/06/12/heap-overflow-exploitation-on-windows-10-explained
@WindowsHackingLibrary
Bypassing CrowdStrike in an enterprise production network [in 3 different ways]
https://www.komodosec.com/post/bypassing-crowdstrike
@WindowsHackingLibrary
https://www.komodosec.com/post/bypassing-crowdstrike
@WindowsHackingLibrary
KomodoSec
Bypassing CrowdStrike in an Enterprise Production Network
EDR solutions and specifically CrowdStrike Falcon are giving us a hard time recently. It seemed that no matter how covert we tried to be, a well-trained blue team was able to utilize these type of solutions to pick up on our activity relatively fast. That’s…
Analyzing ARP to Discover & Exploit Stale Network Address Configurations
https://www.blackhillsinfosec.com/analyzing-arp-to-discover-exploit-stale-network-address-configurations
@WindowsHackingLibrary
https://www.blackhillsinfosec.com/analyzing-arp-to-discover-exploit-stale-network-address-configurations
@WindowsHackingLibrary
Black Hills Information Security, Inc.
Analyzing ARP to Discover & Exploit Stale Network Address Configurations - Black Hills Information Security, Inc.
Justin Angel// Introduction In penetration testing, ARP is most commonly discussed in terms of poisoning attacks where an attacker achieves a man-in-the-middle (MITM) position between victim nodes by contaminating the […]
Exploiting CVE-2019-1040 - Combining relay vulnerabilities for RCE and Domain Admin
https://dirkjanm.io/exploiting-CVE-2019-1040-relay-vulnerabilities-for-rce-and-domain-admin
@WindowsHackingLibrary
https://dirkjanm.io/exploiting-CVE-2019-1040-relay-vulnerabilities-for-rce-and-domain-admin
@WindowsHackingLibrary
dirkjanm.io
Exploiting CVE-2019-1040 - Combining relay vulnerabilities for RCE and Domain Admin
Earlier this week, Microsoft issued patches for CVE-2019-1040, which is a vulnerability that allows for bypassing of NTLM relay mitigations. The vulnerability was discovered by Marina Simakov and Yaron Zinar (as well as several others credited in the Microsoft…
Modern Red Team Infrastructure
https://silentbreaksecurity.com/modern-red-team-infrastructure
@WindowsHackingLibrary
https://silentbreaksecurity.com/modern-red-team-infrastructure
@WindowsHackingLibrary
Hijacking Administrative Templates
https://sdmsoftware.com/group-policy-blog/security-related/hijacking-administrative-templates
@WindowsHackingLibrary
https://sdmsoftware.com/group-policy-blog/security-related/hijacking-administrative-templates
@WindowsHackingLibrary
Evading Sysmon DNS Monitoring
https://blog.xpnsec.com/evading-sysmon-dns-monitoring
@WindowsHackingLibrary
https://blog.xpnsec.com/evading-sysmon-dns-monitoring
@WindowsHackingLibrary
XPN InfoSec Blog
@_xpn_ - Evading Sysmon DNS Monitoring
In a recent update to Sysmon, a new feature was introduced allowing the ability to log DNS events. While this gives an excellent datapoint for defenders (shout out to the SysInternals team for continuing to provide and support these awesome tools for free)…
Sliver: A general purpose cross-platform implant framework that supports C2 over Mutual-TLS, HTTP(S), and DNS.
https://github.com/BishopFox/sliver
@WindowsHackingLibrary
https://github.com/BishopFox/sliver
@WindowsHackingLibrary
GitHub
GitHub - BishopFox/sliver: Adversary Emulation Framework
Adversary Emulation Framework. Contribute to BishopFox/sliver development by creating an account on GitHub.
Anti-VM Techniques with MSAcpi_ThermalZoneTemperature
https://medium.com/@DebugActiveProcess/anti-vm-techniques-with-msacpi-thermalzonetemperature-32cfeecda802
@WindowsHackingLibrary
https://medium.com/@DebugActiveProcess/anti-vm-techniques-with-msacpi-thermalzonetemperature-32cfeecda802
@WindowsHackingLibrary
Medium
Anti-VM Techniques with MSAcpi_ThermalZoneTemperature
The Win32_TemperatureProbe WMI class represents the properties of a temperature sensor (electronic thermometer).
Red Team Tactics: Combining Direct System Calls and sRDI to bypass AV/EDR
https://outflank.nl/blog/2019/06/19/red-team-tactics-combining-direct-system-calls-and-srdi-to-bypass-av-edr
@WindowsHackingLibrary
https://outflank.nl/blog/2019/06/19/red-team-tactics-combining-direct-system-calls-and-srdi-to-bypass-av-edr
@WindowsHackingLibrary
Introducing Slackor, a Remote Access Tool Using Slack as a C2 Channel
https://www.coalfire.com/The-Coalfire-Blog/June-2019/Introducing-Slackor
Tool:
https://github.com/Coalfire-Research/Slackor
@WindowsHackingLibrary
https://www.coalfire.com/The-Coalfire-Blog/June-2019/Introducing-Slackor
Tool:
https://github.com/Coalfire-Research/Slackor
@WindowsHackingLibrary
Coalfire
Introducing Slackor
Slackor is a remote access tool using Slack as a C2 channel. Learn more on this page.
In NTDLL I Trust – Process Reimaging and Endpoint Security Solution Bypass
https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/in-ntdll-i-trust-process-reimaging-and-endpoint-security-solution-bypass
@WindowsHackingLibrary
https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/in-ntdll-i-trust-process-reimaging-and-endpoint-security-solution-bypass
@WindowsHackingLibrary
McAfee Blog
Cybersecurity News and Insights to Stay Safe Online | McAfee Blog
Welcome to the McAfee Blog, where we share posts about security solutions and products to keep you and your connected family safe online.
Stealthy & Targeted Implant Loaders
https://attactics.org/2019/06/21/stealthy-targeted-implant-loaders
@WindowsHackingLibrary
https://attactics.org/2019/06/21/stealthy-targeted-implant-loaders
@WindowsHackingLibrary