How does Apple (privately) find your offline devices? – A Few Thoughts on Cryptographic Engineering
https://blog.cryptographyengineering.com/2019/06/05/how-does-apple-privately-find-your-offline-devices/amp/
At Monday’s WWDC conference, Apple announced a cool new feature called “Find My”. Unlike Apple’s “Find my iPhone”, which uses cellular communication and the lost…
How Red Teams Bypass AMSI and WLDP for .NET Dynamic Code – modexp
https://modexp.wordpress.com/2019/06/03/disable-amsi-wldp-dotnet/amp/?__twitter_impression=true
Introduction Previous Research AMSI Example in C AMSI Context AMSI Initialization AMSI Scanning CLR Implementation of AMSI AMSI Bypass A (Patching Data) AMSI Bypass B (Patching Code 1) AMSI Bypass …
Exploring Mimikatz - Part 2 - SSP
https://blog.xpnsec.com/exploring-mimikatz-part-2/amp/?__twitter_impression=true
XPN InfoSec Blog
If you haven't had a chance to check it out, take a look here. Continuing on, in this post we will review what has become a nice way of subverting security controls added by Microsoft to prevent dumping of credentials, as well as extracting credentials as…
GitHub - The-Cracker-Technology/ANDRAX-Mobile-Pentest: ANDRAX The first and unique Penetration Testing platform for Android smartphones
https://github.com/The-Cracker-Technology/ANDRAX-Mobile-Pentest/
GitHub - Sheisback/CVE-2019-0859-1day-Exploit: CVE-2019-0859 1day Exploit
https://github.com/Sheisback/CVE-2019-0859-1day-Exploit
Magic Unicorn v3.8 released.
Adds noexit randomization, python3 fixes and support and auto check for 64 bit shellcode.
https://t.co/tYdDIjWTVv
trustedsec/unicorn
Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique...
If you use #BurpSuite and Firefox, your Burp probably catches a bunch of distracting Firefox traffic like captive portal detection, OCSP, update checks etc.
To have this traffic bypass burp proxy, you can use FoxyProxy allow/deny lists. My config is at: https://t.co/Z6K9ybGO59
foxyproxy.json
Subdomain Takeover:-
Part 1:- Basics.
https://t.co/mFjrw7npbN
Part 2:- Thoughts on Risks.
https://t.co/rxVrRJBxiL
Part 3:- Going beyond CNAME.
https://t.co/8LshILQWLB
Patrik Hudak
Subdomain Takeover: Basics
Although I have written multiple posts about subdomain takeover, I realized that there aren't many posts covering basics of subdomain takeover and the whole "problem statement." This post aims to explain (in-depth) the entire subdomain takeover problem once…
Userrecon : Find Usernames Across Over 75 Social Networks : https://t.co/b3GqeHIiYy
thelinuxchoice/userrecon
Exploiting CVE-2019-1040 - Combining relay vulnerabilities for RCE and Domain Admin - dirkjanm.io
https://dirkjanm.io/exploiting-CVE-2019-1040-relay-vulnerabilities-for-rce-and-domain-admin/
Earlier this week, Microsoft issued patches for CVE-2019-1040, which is a vulnerability that allows for bypassing of NTLM relay mitigations. The vulnerability was discovered by Marina Simakov and Yaron Zinar (as well as several others credited in the Microsoft…
Using Nmap to extract Windows host and domain information via RDP | Faded Lab
https://fadedlab.wordpress.com/2019/06/13/using-nmap-to-extract-windows-info-from-rdp/
I’ve recently spent some time in various code bases working on Windows RDP related discovery. This post is going to talk about using a new Nmap script, rdp-ntlm-info.nse, against RDP services…
Guide 001 | Getting Started in Bug Bounty Hunting..
1. Basics of Networks, Programming & Automation
2. Learning about Vulnerabilities, Resource for practicing, Tools…
3. Selecting a target, starting tests & writing reports
https://t.co/XK5eR2zm8h
Muhammad Khizer Javed
A Noobs Guide to Getting Started in Bug Bounty Hunting | Muhammad Khizer Javed, whoami.securitybreached.org | aslicybersecurity.com | @KHIZER_JAVED47 No one will tell you anything or everything abo…
Linux for Pentester: APT Privilege Escalation
Exploiting Sudo rights: Method -I
sudo apt-get update -o APT::Update::Pre-Invoke::= /bin/bash https://t.co/iv7saeYsr6
김진욱
GitHub - sdcampbell/Internal-Pentest-Playbook: Internal Network Penetration Test Playbook
https://github.com/sdcampbell/Internal-Pentest-Playbook
GitHub - emadshanab/WordLists-20111129: A lists of words based on common web directory and file names lists of words based on common web directory and file names. These wordlists are for Web security testing purpose.
https://github.com/emadshanab/WordLists-20111129
GitHub - dukebarman/ghidra-builder: Docker image for building ghidra RE framework from source
https://github.com/dukebarman/ghidra-builder
The Return of the WIZard: RCE in Exim - GlitchWitch.IO
https://glitchwitch.io/blog/2019-06/exploiting-cve-2019-10149/