Exploit Development with AFL, PEDA and PwnTools
http://thecyberrecce.net/2017/07/28/exploit-development-with-afl-peda-and-pwntools/
http://thecyberrecce.net/2017/07/28/exploit-development-with-afl-peda-and-pwntools/
thecyberrecce.net
Exploit Development with AFL, PEDA and PwnTools
Introduction In a previous post, we studied how to fuzz a simple homemade 64-bit program using AFL. We found that we could cause a segmentation fault in the target using some specific inputs. In thβ¦
Idiotβs quick & dirty guide to buffer overflow on GNU/Linux X64 architecture
https://decoder.cloud/2017/01/25/idiots-guide-to-buffer-overflow-on-gnulinux-x64-architecture/
https://decoder.cloud/2017/01/25/idiots-guide-to-buffer-overflow-on-gnulinux-x64-architecture/
Decoder's Blog
Idiotβs quick & dirty guide to buffer overflow on GNU/Linux X64 architecture
In this short guide Iβll show you how to exploit a very simple buffer overflow on a linux X64 system and obtain a shell. I wonβt tell you about ASM, stacks, registers and so on.. you caβ¦
Kerberosity Killed the Domain: An Offensive Kerberos Overview
https://posts.specterops.io/kerberosity-killed-the-domain-an-offensive-kerberos-overview-eb04b1402c61
#AD
https://posts.specterops.io/kerberosity-killed-the-domain-an-offensive-kerberos-overview-eb04b1402c61
#AD
Medium
Kerberosity Killed the Domain: An Offensive Kerberos Overview
Kerberos is the preferred way of authentication in a Windows domain, with NTLM being the alternative. Kerberos authentication is a veryβ¦
Kerberoasting Without Mimikatz
http://www.harmj0y.net/blog/powershell/kerberoasting-without-mimikatz/
http://www.harmj0y.net/blog/powershell/kerberoasting-without-mimikatz/
Reversing Firmware With Radare
https://www.bored-nerds.com/reversing/radare/automotive/2019/07/07/reversing-firmware-with-radare.html
https://www.bored-nerds.com/reversing/radare/automotive/2019/07/07/reversing-firmware-with-radare.html
Bored Nerds Blog
Reversing Firmware With Radare
Hello everyone! Hereβs a quick guide on reversing firmware w/ radare. Or, rather, loading firmware into radare; the process of reversing software in any disassembler is a little beyond the scope of any one blog post.
Buat isi WFH nya π
https://www.sans.org/blog/and-now-for-something-awesome-sans-launches-new-series-of-worldwide-capture-the-flag-cyber-events
https://www.sans.org/blog/and-now-for-something-awesome-sans-launches-new-series-of-worldwide-capture-the-flag-cyber-events
www.sans.org
Take Me to the Cyber Ranges: New Series of Virtual Capture-the-Flag Cyber Challenges | SANS Institute
SANS NetWars is offering free virtual cyber range challenge opportunities for learning & upskilling in these unprecedented times.
Red Team Tactics: Advanced process monitoring techniques in offensive operations
https://outflank.nl/blog/2020/03/11/red-team-tactics-advanced-process-monitoring-techniques-in-offensive-operations/
https://outflank.nl/blog/2020/03/11/red-team-tactics-advanced-process-monitoring-techniques-in-offensive-operations/
Lessons learned on written social engineering attacks
https://diablohorn.com/2020/03/04/lessons-learned-on-written-social-engineering-attacks/
If you find information in this channel is useful, please consider to share this channel https://t.me/petruk_feed
https://diablohorn.com/2020/03/04/lessons-learned-on-written-social-engineering-attacks/
If you find information in this channel is useful, please consider to share this channel https://t.me/petruk_feed
DiabloHorn
Lessons learned on written social engineering attacks
Iβve had some interesting conversations on the topic of performing social engineering attacks via email and decided to share some of my past lessons learned. The focus will not be so much on β¦
Leveraging AWS for Incident Response: Part 1
https://medium.com/faun/leveraging-aws-for-incident-response-part-1-2963bb31bc05
βββββββββββββββββββββ-
If you find information in this channel is useful, please consider to share this channel https://t.me/petruk_feed
https://medium.com/faun/leveraging-aws-for-incident-response-part-1-2963bb31bc05
βββββββββββββββββββββ-
If you find information in this channel is useful, please consider to share this channel https://t.me/petruk_feed
Medium
Leveraging AWS for Incident Response: Part 1
When an incident occurs, time is everything. One significant challenge Iβve experience performing incident response is working with theβ¦
Password Spraying & Other Fun with RPCCLIENT
https://www.blackhillsinfosec.com/password-spraying-other-fun-with-rpcclient/
https://www.blackhillsinfosec.com/password-spraying-other-fun-with-rpcclient/
Black Hills Information Security
Password Spraying & Other Fun with RPCCLIENT - Black Hills Information Security
Joff Thyer // Many of us in the penetration testing community arβe used to scenarios whereby we land a targeted phishing campaign within a Windows enterprise environment and have [β¦]
Kerberoasting: AES Encryption, Protected User Group and Group MSA
https://dev-2null.github.io/Kerberoasting-AES-Encryption-Protected-Users-Group-and-gMSA/
https://dev-2null.github.io/Kerberoasting-AES-Encryption-Protected-Users-Group-and-gMSA/
dev-2null.github.io
Kerberoasting: AES Encryption, Protected User Group and Group MSA
Introduction
What is your favourite topic?
Anonymous Poll
26%
Active Directory
45%
Reverse Engineering
48%
Exploit Development
29%
OSINT
12%
PowerShell
If you have any suggestions, please don't hesitate to contact me at @petruknisme
Leveraging AWS for Incident Response: Part 2
https://medium.com/faun/leveraging-aws-for-incident-response-part-2-bac66bfaf1a1
βββββββββββββββββββββ-
If you find information in this channel is useful, please consider to share this channel https://t.me/petruk_feed
https://medium.com/faun/leveraging-aws-for-incident-response-part-2-bac66bfaf1a1
βββββββββββββββββββββ-
If you find information in this channel is useful, please consider to share this channel https://t.me/petruk_feed
Medium
Leveraging AWS for Incident Response: Part 2
In my previous post (https://medium.com/@tstillz17/leveraging-aws-for-incident-response-part-1-2963bb31bc05) we covered how AWS resourcesβ¦
Stanford Web Security Course
https://web.stanford.edu/class/cs253/
https://web.stanford.edu/class/cs253/
web.stanford.edu
CS253 - Web Security
Principles of web security. The fundamentals and state-of-the-art in web security. Attacks and countermeasures. Topics include: the browser security model, web app vulnerabilities, injection, denial-of-service, TLS attacks, privacy, fingerprinting, same-originβ¦