hackspace
@hackspace
165 subscribers
283 photos
82 videos
25 files
1.02K links
hackspace
Download Telegram
About
Blog
Apps
Platform
Join
hackspace
165 subscribers
hackspace
HowTo: MSF-Email – HanseSecure
https://hansesecure.de/2018/04/howto-msf-email/
47 views
hackspace
docker run -it --entrypoint=/bin/sh --name crackmapexec byt3bl33d3r/crackmapexec
47 views
hackspace
Proxyjump, the SSH option you probably never heard of
https://medium.com/maverislabs/proxyjump-the-ssh-option-you-probably-never-heard-of-2d7e41d43464
Medium
Proxyjump, the SSH option you probably never heard of
Today, it is becoming more and more common for Penetration Testers, Security Researchers, Red Teams, and the like to require some sort of…
47 views
hackspace
https://eldeeb.net/wrdprs/?p=71
Sherif Eldeeb Blog.
Changing meterpreter/reverse_http “User-Agent:” and “Server:” strings
EDIT 2012-07-01: Please read HD’s comment below, as of 1st of July 2012, you can set “MeterpreterUserAgent” and “MeterpreterServerName” to do that from the framework i…
46 views
hackspace
GitHub - mhaskar/CVE-2020-14947: The official exploit for OCS Inventory NG v2.7 Remote Command Execution CVE-2020-14947
https://github.com/mhaskar/CVE-2020-14947
GitHub
GitHub - mhaskar/CVE-2020-14947: The official exploit for OCS Inventory NG v2.7 Remote Command Execution CVE-2020-14947
The official exploit for OCS Inventory NG v2.7 Remote Command Execution CVE-2020-14947 - mhaskar/CVE-2020-14947
46 views
hackspace
https://github.com/wietze/windows-dll-hijacking/
GitHub
GitHub - wietze/windows-dll-hijacking: Project for identifying executables and DLLs vulnerable to relative path DLL hijacking.
Project for identifying executables and DLLs vulnerable to relative path DLL hijacking. - wietze/windows-dll-hijacking
49 views
hackspace
https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite
GitHub
GitHub - peass-ng/PEASS-ng: PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors) - peass-ng/PEASS-ng
49 views
hackspace
Antivirus Evasion with Python - Pentestmag
https://pentestmag.com/antivirus-evasion-with-python/
Pentestmag
Antivirus Evasion with Python - Pentestmag
Antivirus Evasion with Python by Marcelo Sacchetin Summary When deploying defense in depth security controls for your organization, you are …
53 views
hackspace
nccfsas/Tools/spoolsystem at main · nccgroup/nccfsas · GitHub
https://github.com/nccgroup/nccfsas/tree/main/Tools/spoolsystem
GitHub
nccfsas/Tools/spoolsystem at main · nccgroup/nccfsas
Information released publicly by NCC Group's Full Spectrum Attack Simulation (FSAS) team. - nccgroup/nccfsas
56 views
hackspace
Reverse Engineering Malware, Part 4: Windows Internals
https://www.hackers-arise.com/single-post/2017/07/04/Reverse-Engineering-Malware-Part-4-Windows-Internals
hackers-arise
Reverse Engineering Malware, Part 4: Windows Internals
Welcome back to my Reverse Engineering Malware series. In general, reverse engineering of malware is done on Windows systems. That's because despite recent inroads by Linux and the Mac OS, Windows systems still comprise over 90% of all computing systems in…
74 views
hackspace
🙃
47 views
hackspace
Fuzzing FastCGI With AFL-Fuzz. This is the very long tale of my… | by Omaid Faizyar | Jul, 2020 | Medium
https://medium.com/@omaidfaizyar/fuzzing-fastcgi-an-odyssey-4ffc1c72a732
Medium
Fuzzing FastCGI With AFL-Fuzz
This is the very long tale of my adventures in fuzzing FastCGI with AFL-Fuzz. If you’re interested in fuzzing a FastCGI binary, look no…
49 views
hackspace
Quick list of some app whitelist bypasses to try..

forfiles /p c:\windows\system32 /m notepad.exe /c <bin>

explorer.exe /root,"<bin>"

pcalua.exe -a <bin>

scriptrunner.exe -appvscript <bin>

wmic process call create <bin>

rundll32.exe advpack.dll, RegisterOCX <bin>
49 views
hackspace
Top 16 Active Directory Vulnerabilities - InfosecMatter
https://www.infosecmatter.com/top-16-active-directory-vulnerabilities/
InfosecMatter
Top 16 Active Directory Vulnerabilities - InfosecMatter
Practical steps on how to pentest Active Directory environments using a list of most common AD vulnerabilities. Tools and command examples for testing and exploitation of AD vulnerabilities.
53 views
hackspace
AD Attack

1) Performing domain recon using PS
https://t.co/Pt6VpJqGdO

2) Attack mapping with bloodhound
https://t.co/CpmB4XW3pq

3) Extracting passwd hashes
https://t.co/f55XUSyx1k

4) Pass-the-hash attacks with mimikatz
https://t.co/PPkBjPpVgK
Stealthbits Technologies
Performing Domain Reconnaissance Using PowerShell
In this post, we will cover a few of the different ways that PowerShell can be used by attackers to map out your environment and chose their targets.
58 views
hackspace
HTTP(s) C2 Pivoting. Introduction | by Steve Borosh | Jul, 2020 | Medium
https://medium.com/@rvrsh3ll/offensive-internal-http-s-agent-pivoting-2e9b4b7e58d8
Medium
Offensive Internal HTTP(s) Agent Pivoting
Introduction
58 views
hackspace
50 views
hackspace
https://research.checkpoint.com/2020/resolving-your-way-into-domain-admin-exploiting-a-17-year-old-bug-in-windows-dns-servers/
Check Point Research
SIGRed - Resolving Your Way into Domain Admin: Exploiting a 17 Year-old Bug in Windows DNS Servers - Check Point Research
Research by: Sagi Tzadik Introduction DNS, which is often described as the “phonebook of the internet”, is a network protocol for translating human-friendly computer hostnames into IP addresses. Because it is such a core component of the internet, there are…
56 views
hackspace
https://itm4n.github.io/cve-2020-1170-windows-defender-eop/
itm4n’s blog
CVE-2020-1170 - Microsoft Windows Defender Elevation of Privilege Vulnerability
Here is my writeup about CVE-2020-1170, an elevation of privilege bug in Windows Defender. Finding a vulnerability in a security-oriented product is quite satisfying. Though, there was nothing groundbreaking. It’s quite the opposite actually and I’m surprised…
57 views
hackspace
GitHub - Q4n/CVE-2020-1362: writeup of CVE-2020-1362
https://github.com/Q4n/CVE-2020-1362
44 views