GitHub - SecureThisShit/WinPwn: Automation for internal Windows Penetrationtest / AD-Security - Still much work to do
https://github.com/SecureThisShit/WinPwn
GitHub
GitHub - S3cur3Th1sSh1t/WinPwn: Automation for internal Windows Penetrationtest / AD-Security
Automation for internal Windows Penetrationtest / AD-Security - S3cur3Th1sSh1t/WinPwn
Writing a Custom Shellcode Encoder – syscall59 – Medium
https://medium.com/syscall59/writing-a-custom-shellcode-encoder-31816e767611
Medium
Writing a Custom Shellcode Encoder
An example of how to write a custom encoder and decoder in plain assembly.
An extensive step by step reverse engineering of a Linux CTF binary
http://blog.kartone.ninja/2019/03/25/when-a-reverse-me-ctf-binary-makes-you-loose-that-job/
Kartone Infosec Blog
...or in other words, when failing to reverse a CTF binary makes you loose a job
A mimikatz update to start the week... introducing very experimental ARM64 support 🥳 for Windows 10 (1803), with a tons of bugfixes and two or three little things for pleasure
https://t.co/Wzb5GAfWfd
Yes, it still support Windows XP 😉
GitHub
Releases · gentilkiwi/mimikatz
A little tool to play with Windows security. Contribute to gentilkiwi/mimikatz development by creating an account on GitHub.
Compilation of recon workflows · Pentester Land
https://pentester.land/cheatsheets/2019/03/25/compilation-of-recon-workflows.html
Pentester Land
Compilation of recon workflows
Hi, this is a compilation of recon workflows found online. Use it as inspiration for creating your own Web pentest / bug bounty recon workflow.
These are all the ones that I could find. So if yours is missing and you want to see it featured above too, please…
Automating Discovery and Exploiting DOM (Client) XSS Vulnerabilities using Sboxr — Part 1
https://blog.appsecco.com/automating-discovery-and-exploiting-dom-client-xss-vulnerabilities-using-sboxr-part-1-2e55c120c9e1
Medium
This series of blogposts show how you can identify DOM XSS issues using Sboxr on Single Page or JavaScript rich applications. As examples…
GitHub - outflanknl/Excel4-DCOM: PowerShell and Cobalt Strike scripts for lateral movement using Excel 4.0 / XLM macros via DCOM (direct shellcode injection in Excel.exe)
https://github.com/outflanknl/Excel4-DCOM
GitHub
GitHub - outflanknl/Excel4-DCOM: PowerShell and Cobalt Strike scripts for lateral movement using Excel 4.0 / XLM macros via DCOM…
PowerShell and Cobalt Strike scripts for lateral movement using Excel 4.0 / XLM macros via DCOM (direct shellcode injection in Excel.exe) - outflanknl/Excel4-DCOM
How to Find Subdomains (And Why You Should) – Katerina Borodina – Medium
https://www.explainhownow.com/2019/how-to-find-subdomains/
GitHub - BloodHoundAD/BloodHound-Tools: Miscellaneous tools for BloodHound
https://github.com/BloodHoundAD/BloodHound-Tools
GitHub
Miscellaneous tools for BloodHound. Contribute to BloodHoundAD/BloodHound-Tools development by creating an account on GitHub.
One-liner Safari sandbox escape exploit – 0xCC – Medium
https://medium.com/0xcc/one-liner-safari-sandbox-escape-exploit-91082ddbe6ef
Just released part 1 of analyzing WannaCry in Ghidra! In this video we will find the killswitch, look at its installation/persistence methods and extract/decrypt the resources contained in the malware! https://t.co/d06xnVMRPC
YouTube
Reversing WannaCry Part 1 - Finding the killswitch and unpacking the malware in #Ghidra
In this first video of the "Reversing WannaCry" series we will look at the infamous killswitch and the installation and unpacking procedure of WannaCry. The ...
RDP hijacking — how to hijack RDS and RemoteApp sessions transparently to move through an…
https://doublepulsar.com/rdp-hijacking-how-to-hijack-rds-and-remoteapp-sessions-transparently-to-move-through-an-da2a1e73a5f6
Medium
RDP hijacking — how to hijack RDS and RemoteApp sessions transparently to move through an organisation
How you can very easily use Remote Desktop Services to gain lateral movement through a network, using no external software — and how to…
Owning the Network with BadUSB – Tenable TechBlog – Medium
https://medium.com/tenable-techblog/owning-the-network-with-badusb-72daa45d1b00
Medium
Owning the Network with BadUSB
Man-in-the-Middle with a Raspberry Pi
A Pentester's Guide - Part 1 (OSINT - Passive Recon and Discovery of Assets) | Sequoia
https://www.sequoiacybersolutions.com/a-pentesters-guide-part-1-osint-passive-recon-and-discovery-of-assets/
Magento 2.2.0 <= 2.3.0 Unauthenticated SQLi
https://www.ambionics.io/blog/magento-sqli
Ambionics
Several flaws have been identified in the latest version of Magento 2, allowing an attacker to obtain complete control over the server. We're now releasing the exploit for the unauthenticated SQL injection. We'll release the details for the RCE vulnerability…
Wagging the Dog: Abusing Resource-Based Constrained Delegation to Attack Active Directory | Shenanigans Labs
https://shenaniganslabs.io/2019/01/28/Wagging-the-Dog.html
Shenanigans Labs
Wagging the Dog: Abusing Resource-Based Constrained Delegation to Attack Active Directory
Back in March 2018, I embarked on an arguably pointless crusade to prove that the TrustedToAuthForDelegation attribute was meaningless, and that “protocol transition” can be achieved without it. I believed that security wise, once constrained delegation was…
Ever wanted to better understand how Windows Defender implements its signatures? Here's a first step. I wrote a thing to decompress WDAV .vdm files. https://t.co/TKMILmcllL
Gist
Decompresses Windows Defender AV signatures for exploration purposes
Decompresses Windows Defender AV signatures for exploration purposes - ExpandDefenderSig.ps1
An intro to pentesting an Android phone – Noteworthy - The Journal Blog
https://blog.usejournal.com/an-intro-to-pentesting-an-android-phone-464ec4860f39
Medium
Pentesting Android applications by reversing and finding attack surfaces
In this past semester, I was taking a cybersecurity class. Since our awesome professor believe in the concept that we learn by doing and…
Hidden Markov Model For Insider Threat Detection – ASecuritySite: When Bob Met Alice – Medium
https://medium.com/asecuritysite-when-bob-met-alice/hidden-markov-model-for-insider-threat-detection-97a9a187ae6f
Medium
Hidden Markov Model For Insider Threat Detection
One of the most difficult threats to detect is the insider threat, especially when related to the detection to fraud. Normally we detect…
GitHub - Voorivex/pentest-guide: Penetration tests cases, resources and guidelines.
https://github.com/Voorivex/pentest-guide
GitHub
GitHub - Voorivex/pentest-guide: Penetration tests guide based on OWASP including test cases, resources and examples.
Penetration tests guide based on OWASP including test cases, resources and examples. - Voorivex/pentest-guide