Recently, Check Point Research (CPR) encountered several attacks that are exploiting multiple vulnerabilities, including some recently discovered flaws.

A bunch of post exploitation tools + reverse proxy server - GitHub - redcode-labs/Svetovid: A bunch of post exploitation tools + reverse proxy server

All things purple team.

Introduction We’ve already discussed the importance of code coverage previously in this series so today we’ll try to understand some of the very basic underlying concepts, some common approaches, some tooling, and also see what techniques some popular fuzzing…

Today I am publishing a Finding discovered by my good friend user_x73x76x6E - have fun reading his writeup!Although t...

The vulnerability we shall be looking at is very common, but remains little known. We want to shed some light on it today, so as to help app developers avoid it when they write their apps and security researchers find it in other people's apps and warn the…

.NET Project for Attacking vCenter. Contribute to JamesCooteUK/SharpSphere development by creating an account on GitHub.

Our continued investigation into the Solorigate attack has uncovered new details about the handover from the Solorigate DLL backdoor (SUNBURST) to the Cobalt Strike loader (TEARDROP, Raindrop, and others).

Trellix Research, get the latest cybersecurity trends, best practices, security vulnerabilities, and more from industry leaders.

Contribute to securethelogs/Exnoscan development by creating an account on GitHub.

Windows Defender for Endpoint (Formerly Windows Defender ATP) is a so-called “cloud powered” EDR product[1], i.e. alerts and events are…

Using discovered credentials to move laterally in an environment is a common goal for the NCC Group FSAS team. The ability to quickly and reliably use a newly gained set of credentials is essential…

Posted by James Forshaw, Project Zero This blog is a continuation of my series of Windows exploitation tricks. This one describes an exploit...

Today we´re going to talk a little about possible ways to circumvent some of the security measures one might face during an engagement in an Active Directory environment.

We as pentesters are heavily relying on our tools like Bloodhound, Rubeus, mimikatz…

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static a...

In this video walkthrough, we explained sqlmap, smbmap and smbclient in the third part of cc pentesting from tryhackme.
----
Receive video documentation
https://www.youtube.com/channel/UCNSdU_1ehXtGclimTVckHmQ/join
----
Do you need private cybersecurity…