RDP Man-in-the-Middle – Smile! You’re on Camera :: GoSecure
https://gosecure.net/2018/12/19/rdp-man-in-the-middle-smile-youre-on-camera/
https://gosecure.net/2018/12/19/rdp-man-in-the-middle-smile-youre-on-camera/
GoSecure
RDP Man-in-the-Middle - Smile! You're on Camera
As part of our four-month internship at GoSecure, we chose to work on creating a Remote Desktop Protocol (RDP) honeypot. To achieve this, we used a Linux server with an RDP man-in-the-middle (MITM) program that redirects traffic to a real Windows Server.
Hidden directories and files as a source of sensitive information about web application
https://medium.com/@_bl4de/hidden-directories-and-files-as-a-source-of-sensitive-information-about-web-application-84e5c534e5ad
https://medium.com/@_bl4de/hidden-directories-and-files-as-a-source-of-sensitive-information-about-web-application-84e5c534e5ad
Exploit PHP Remotely - WAF Rule & Filter Bypass
https://www.secjuice.com/php-rce-bypass-filters-sanitization-waf/
https://www.secjuice.com/php-rce-bypass-filters-sanitization-waf/
Multiple Ways To Exploiting HTTP Authentication
https://www.hackingarticles.in/multiple-ways-to-exploiting-http-authentication/
https://www.hackingarticles.in/multiple-ways-to-exploiting-http-authentication/
Hacking Articles
Multiple Ways To Exploiting HTTP Authentication - Hacking Articles
In this article, we will learn about how to configure the password-protected Apache Web Server to restrict from online visitors without validation so that we
The Difference Between a Penetration Test and a Red Team Engagement | Daniel Miessler
https://danielmiessler.com/blog/the-difference-between-a-penetration-test-and-a-red-team-engagement/
https://danielmiessler.com/blog/the-difference-between-a-penetration-test-and-a-red-team-engagement/
Danielmiessler
The Difference Between a Penetration Test and a Red Team Engagement
One of the most frustrating things to me as a security person is having sales and marketing types confuse the different types of security assessment. Similariti
Cobaltstrike Over External C2 via Dropbox ·
https://truneski.github.io/blog/2018/11/05/cobaltstrike-over-external-c2-via-dropbox/
https://truneski.github.io/blog/2018/11/05/cobaltstrike-over-external-c2-via-dropbox/
Tampering with Windows Event Tracing: Background, Offense, and Defense
https://medium.com/palantir/tampering-with-windows-event-tracing-background-offense-and-defense-4be7ac62ac63
https://medium.com/palantir/tampering-with-windows-event-tracing-background-offense-and-defense-4be7ac62ac63
Medium
Tampering with Windows Event Tracing: Background, Offense, and Defense
Event Tracing for Windows (ETW) is the mechanism Windows uses to trace and log system events. Attackers often clear event logs to cover…
The Practical Guide to Hacking Bluetooth Low Energy
https://blog.attify.com/the-practical-guide-to-hacking-bluetooth-low-energy/
https://blog.attify.com/the-practical-guide-to-hacking-bluetooth-low-energy/
Attify Blog - IoT Security, Pentesting and Exploitation
The Practical Guide to Hacking Bluetooth Low Energy
Learn about various BLE vulnerabilities and the tools and techniques employed for performing attacks on Bluetooth Low Energy devices.
GitHub - ANSSI-FR/ORADAD: Outil de récupération automatique des données de l'Active Directory / Automated tool for dumping Active Directory data
https://github.com/ANSSI-FR/ORADAD
https://github.com/ANSSI-FR/ORADAD
GitHub
GitHub - ANSSI-FR/ORADAD: Outil de récupération automatique des données de l'Active Directory / Automated tool for dumping Active…
Outil de récupération automatique des données de l'Active Directory / Automated tool for dumping Active Directory data - ANSSI-FR/ORADAD
Red Teaming Mind Map from The Hacker Playbook 3 – Marco Lancini
https://www.marcolancini.it/2018/blog-hacker-playbook-mindmap/
https://www.marcolancini.it/2018/blog-hacker-playbook-mindmap/
Marco Lancini's Blog
Red Teaming Mind Map from The Hacker Playbook 3 | Marco Lancini's Blog
A high-level mind map to summarize all the techniques/tools covered by Peter Kim’s book.
SMB hash hijacking & user tracking in MS Outlook
https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/may/smb-hash-hijacking-and-user-tracking-in-ms-outlook/
https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/may/smb-hash-hijacking-and-user-tracking-in-ms-outlook/
Alternative methods of becoming SYSTEM
https://blog.xpnsec.com/becoming-system/
https://blog.xpnsec.com/becoming-system/
XPN InfoSec Blog
@_xpn_ - Alternative methods of becoming SYSTEM
For many pentesters, Meterpreter's getsystem command has become the default method of gaining SYSTEM account privileges, but have you ever have wondered just how this works behind the scenes? In this post I will show the details of how this technique works…
Reflected XSS on ws-na.amazon-adsystem.com(Amazon) – newp_th – Medium
https://medium.com/@newp_th/reflected-xss-on-ws-na-amazon-adsystem-com-amazon-f1e55f1d24cf
https://medium.com/@newp_th/reflected-xss-on-ws-na-amazon-adsystem-com-amazon-f1e55f1d24cf
Medium
Reflected XSS on ws-na.amazon-adsystem.com(Amazon)
This is @newp_th.This issue is very similar to my previous report on Reflected XSS on Stack Overflow.
Advanced Threat Tactics – Course and Notes | Strategic Cyber LLC
https://blog.cobaltstrike.com/2015/09/30/advanced-threat-tactics-course-and-notes/
https://blog.cobaltstrike.com/2015/09/30/advanced-threat-tactics-course-and-notes/
Expert published a PoC exploit code for RCE flaw in Microsoft Edge
https://securityaffairs.co/wordpress/79264/hacking/microsoft-edge-poc-exploit.html
https://securityaffairs.co/wordpress/79264/hacking/microsoft-edge-poc-exploit.html
Security Affairs
Expert published a PoC exploit code for RCE flaw in Microsoft Edge
The security researcher Bruno Keith from the Phoenhex group published a PoC code for a remote code execution flaw in Microsoft Edge browser (CVE-2018-8629).
Automating AD Enumeration – InfoSec Write-ups – Medium
https://medium.com/bugbountywriteup/automating-ad-enumeration-with-frameworks-f8c7449563be
https://medium.com/bugbountywriteup/automating-ad-enumeration-with-frameworks-f8c7449563be
Medium
Automating AD Enumeration
Doing everything manually is cool, but how do we save time and money? A lot of times most of the enumeration stuff can be automated. But…
Introduction · Dostoevskylabs Pentest Notes
https://dostoevskylabs.gitbooks.io/dostoevskylabs-pentest-notes/content/
https://dostoevskylabs.gitbooks.io/dostoevskylabs-pentest-notes/content/
dostoevskylabs.gitbooks.io
Introduction · Dostoevskylabs Pentest Notes
Exploit Development - InfoSec Reference
https://rmusser.net/docs/Exploit%20Development.html
https://rmusser.net/docs/Exploit%20Development.html
Hunting for Privilege Escalation in Windows Environment - Speaker Deck
https://speakerdeck.com/heirhabarov/hunting-for-privilege-escalation-in-windows-environment
https://speakerdeck.com/heirhabarov/hunting-for-privilege-escalation-in-windows-environment
Speaker Deck
Hunting for Privilege Escalation in Windows Environment
Slides from my talk at the OFFZONE 2018 conference (https://www.offzone.moscow/report/hunting-for-privilege-escalation-in-windows-environment/)
GitHub - sundowndev/hacker-roadmap: A guide for amateurs pen testers and a collection of hacking tools, resources and references to practice ethical hacking, pen testing and web security.
https://github.com/sundowndev/hacker-roadmap
https://github.com/sundowndev/hacker-roadmap
GitHub
GitHub - sundowndev/hacker-roadmap: A collection of hacking tools, resources and references to practice ethical hacking.
A collection of hacking tools, resources and references to practice ethical hacking. - sundowndev/hacker-roadmap