Identity Providers for RedTeamers
#xpn
Originally presented at SOCON-2024, and continuing the series into post-exploitation techniques against Identity Providers, in this blog post we'll look at Ping, OneLogin and Entra ID. I'll discuss how post-exploitation techniques effective against Okta apply to other providers, release new tools for post-exploitation, and look at what proves to be effective when critical assets lie beyond an Identity Provider portal.
via XPN InfoSec Blog
#xpn
Originally presented at SOCON-2024, and continuing the series into post-exploitation techniques against Identity Providers, in this blog post we'll look at Ping, OneLogin and Entra ID. I'll discuss how post-exploitation techniques effective against Okta apply to other providers, release new tools for post-exploitation, and look at what proves to be effective when critical assets lie beyond an Identity Provider portal.
via XPN InfoSec Blog
From Error to Entry: Cracking the Code of Password-Spraying Tools
#trustedsec
IntroductionFirst things first, all of the tools in this blog post are really great tools and I have used most of them. (Thanks to the authors of the tools to sacrifice time and energy to write tools for the…
via TrustedSec Blog (author: Oddvar Moe)
#trustedsec
IntroductionFirst things first, all of the tools in this blog post are really great tools and I have used most of them. (Thanks to the authors of the tools to sacrifice time and energy to write tools for the…
via TrustedSec Blog (author: Oddvar Moe)
Web2 Bugs in Web3 Systems
#netspi
Discover how attackers use vulnerabilities in off-chain components to achieve critical impact against on-chain systems.
via NetSPI Technical Blog (author: Hannay Almohanna)
#netspi
Discover how attackers use vulnerabilities in off-chain components to achieve critical impact against on-chain systems.
via NetSPI Technical Blog (author: Hannay Almohanna)
Securing Sensitive Data: How Ransomware Challenges the Healthcare Industry
#trustedsec
The healthcare industry is a prime target for ransomware attacks due to the critical nature of its services and the sensitive data it handles. This blog post outlines essential steps that healthcare organizations can…
via TrustedSec Blog (author: Carlos Perez)
#trustedsec
The healthcare industry is a prime target for ransomware attacks due to the critical nature of its services and the sensitive data it handles. This blog post outlines essential steps that healthcare organizations can…
via TrustedSec Blog (author: Carlos Perez)
Introducing STAR-FS
#mdsec
March, 2024 Last week, the Bank of England announced the introduction of a new regulatory framework, STAR-FS, to support the financial sector in its cyber resilience operations. Over 4 years...
via MDSec Blog (author: Admin)
#mdsec
March, 2024 Last week, the Bank of England announced the introduction of a new regulatory framework, STAR-FS, to support the financial sector in its cyber resilience operations. Over 4 years...
via MDSec Blog (author: Admin)
How Just-Metadata Reinvents IP Analysis
#redsiege
Tool developed by: Chris Truncer Cracking the Code with Just-Metadata Imagine trying to solve a giant puzzle where each piece is hidden in a massive digital world. That’s what dealing […]
via RedSiege Blog (author: Red Siege)
#redsiege
Tool developed by: Chris Truncer Cracking the Code with Just-Metadata Imagine trying to solve a giant puzzle where each piece is hidden in a massive digital world. That’s what dealing […]
via RedSiege Blog (author: Red Siege)
Navigating Active Directory Security with EDD
#redsiege
Tool developed by: Chris Truncer Leverage EDD for Advanced Offensive Strategies EDD serves as a critical tool for offensive security professionals, enhancing domain reconnaissance with .NET efficiency. It facilitates a […]
via RedSiege Blog (author: Red Siege)
#redsiege
Tool developed by: Chris Truncer Leverage EDD for Advanced Offensive Strategies EDD serves as a critical tool for offensive security professionals, enhancing domain reconnaissance with .NET efficiency. It facilitates a […]
via RedSiege Blog (author: Red Siege)
From Chaos to Clarity: Organizing Data With Structured Formats
#trustedsec
About a year ago, we introduced a logging utility into our internal tooling on the Targeted Operations team to standardize how we output data (as a bonus, this also served us aesthetically with…
via TrustedSec Blog (author: Brandon McGrath)
#trustedsec
About a year ago, we introduced a logging utility into our internal tooling on the Targeted Operations team to standardize how we output data (as a bonus, this also served us aesthetically with…
via TrustedSec Blog (author: Brandon McGrath)
Elevating Privileges with Azure Site Recovery Services
#netspi
Discover how NetSPI uncovered and reported a Microsoft-managed Azure Site Recovery service vulnerability and how the finding was remediated.
via NetSPI Technical Blog (author: Joshua Murrell)
#netspi
Discover how NetSPI uncovered and reported a Microsoft-managed Azure Site Recovery service vulnerability and how the finding was remediated.
via NetSPI Technical Blog (author: Joshua Murrell)
Forwarded from Red Team Manager
Вопрос собесов - один из самых популярных. Что надо знать, как собесят и как собесить - постарался кратко рассказать в своем посте.
https://teletype.in/@redteammanager/C-SNExDWeez
https://teletype.in/@redteammanager/C-SNExDWeez
Teletype
Собесы в пентест
Пора разобрать самую популярную тему, связанную с менеджментом, а именно - собесы. Собеседование кандидата является очень стрессовым...
❤1
Forwarded from vx-underground
Happy Supply Chain Attack Friday!
tldr if you updated Kali Linux recently you're pwned with malware
https://twitter.com/kalilinux/status/1773786266074513523
tldr if you updated Kali Linux recently you're pwned with malware
https://twitter.com/kalilinux/status/1773786266074513523
X (formerly Twitter)
Kali Linux (@kalilinux) on X
The xz package, starting from version 5.6.0 to 5.6.1, was found to contain a backdoor. The impact of this vulnerability affected Kali between March 26th to March 29th. If you updated your Kali installation on or after March 26th, it is crucial to apply the…
SSHishing – Abusing Shortcut Files and the Windows SSH Client for Initial Access
#redsiege
By: Alex Reid, Current Red Siege Intern In the April 2018 release of Windows 10 version 1803, Microsoft announced that the Windows OpenSSH client would ship and be enabled […]
via RedSiege Blog (author: Red Siege)
#redsiege
By: Alex Reid, Current Red Siege Intern In the April 2018 release of Windows 10 version 1803, Microsoft announced that the Windows OpenSSH client would ship and be enabled […]
via RedSiege Blog (author: Red Siege)
👍1
Evilginx 3.3 - Go & Phish
#kgretzky
Evilginx 3.3 update is here and it comes packing with the special feature everyone has been waiting for.
via BREAKDEV Blog (author: Kuba Gretzky)
#kgretzky
Evilginx 3.3 update is here and it comes packing with the special feature everyone has been waiting for.
via BREAKDEV Blog (author: Kuba Gretzky)
👍1
Getting Intune with Bugs and Tokens: A Journey Through EPM
#specterops
via SpecterOps Team Medium (author: Zach Stein)
#specterops
via SpecterOps Team Medium (author: Zach Stein)
Medium
Getting Intune with Bugs and Tokens: A Journey Through EPM
Written by Zach Stein & Duane Michael
Observations From Business Email Compromise (BEC) Attacks
#trustedsec
Since joining TrustedSec, I have gotten to work numerous cases, and each of them is like unraveling a mystery to get at the truth—especially the situations that have involved business email compromise (or BEC).…
via TrustedSec Blog (author: Thomas Millar)
#trustedsec
Since joining TrustedSec, I have gotten to work numerous cases, and each of them is like unraveling a mystery to get at the truth—especially the situations that have involved business email compromise (or BEC).…
via TrustedSec Blog (author: Thomas Millar)
Ghostwriter v4.1: The Custom Fields Update
#specterops
via SpecterOps Team Medium (author: Christopher Maddalena)
#specterops
via SpecterOps Team Medium (author: Christopher Maddalena)
Medium
Ghostwriter v4.1: The Custom Fields Update
Introducing the awesome changes in the latest Ghostwriter
❤1
A Hitch-Hacker's Guide To DACL-Based Detections - The Addendum
#trustedsec
Last year, Andrew and I posted a four (4) part blog series covering various Active Directory (AD) attributes and how…
via TrustedSec Blog (author: Megan Nilsen)
#trustedsec
Last year, Andrew and I posted a four (4) part blog series covering various Active Directory (AD) attributes and how…
via TrustedSec Blog (author: Megan Nilsen)