Release of an article on the experimental vector of pivoting against Windows

Caster - Windows Nightmare

https://blog.exploit.org/windows-nightmare

Beyond the Code: Art of AppSec in Java: Part 1

Master your knowledge of application security, follow best practices and become stronger with us.

https://blog.exploit.org/java-appsec/

NetArmor v1.1 released

+ Fixed ClientHello packet detection in TLS Fingerprinting

+ Advanced HTTP/2 Fingerprinting according to Akamai's White Paper

+ JDK 11 and upper support

+ ALPN support in Reactor Netty Provider

Github

Beyond the Code: Exposing in Disguise

In this article we will review the usage of such techniques as TLS (JA3) Fingerprinting, HTTP/2 Fingerprinting in a use case of malicious client detection.

https://blog.exploit.org/exposing-in-disguise/

New version of Above v2.5 sniffer

+ The tool now handles all frames and packets in the air
+ New 5 protocols support: EAPOL, ARP, IGMP, DHCP, ICMPv6
+ New visual output of packets
+ Completely rewritten and simplified code, removed threads, removed dependency on pcap_analyzer
+ Fixed code for some protocols for error handling

https://github.com/casterbyte/Above/releases/tag/v2.5

Pivoting against Windows is a fairly complex post-exploitation process. In this article I will demonstrate my new method of link layer pivoting using SoftEther and without a virtual machine

Caster — Witchhammer

https://blog.exploit.org/witchhammer

Everything Lit: Ways to achieve UEFI persistence.

Just one view of "extreme" techniques. Imagination and knowledge is all you need!

https://blog.exploit.org/everything-lit/