Local policies restrictions/Defender/#AMSI bypass using WMI and p0wnedShell + Meterpreter session
https://cobbr.io/ScriptBlock-Logging-Bypass.html
https://cobbr.io/ScriptBlock-Logging-Bypass.html
Password Tips from a Pen Tester: Are 12-Character Passwords Really Stronger, or Just a Dime a Dozen?
https://blog.rapid7.com/2018/09/26/password-tips-from-a-pen-tester-are-12-character-passwords-really-stronger-or-just-a-dime-a-dozen/
#msf
https://blog.rapid7.com/2018/09/26/password-tips-from-a-pen-tester-are-12-character-passwords-really-stronger-or-just-a-dime-a-dozen/
#msf
Rapid7
[Research] Password Best Practices: 12- vs. 8-Character Limits | Rapid7 Blog
The most common passwords are a variation of company name and "password" and the season/year. But what happens if we boost the password length requirement?
#Formjacking attacks are on the rise, with the recent #Magecart attacks on several high-profile businesses. Symantec has blocked almost 250,000 formjacking attempts since mid-August.
symc.ly/2xBEBVw
symc.ly/2xBEBVw
Detecting Lateral Movements in Windows Infrastructure
http://cert.europa.eu/static/WhitePapers/CERT-EU_SWP_17-002_Lateral_Movements.pdf
#windows
#security
http://cert.europa.eu/static/WhitePapers/CERT-EU_SWP_17-002_Lateral_Movements.pdf
#windows
#security
https://sid-500.com/downloads/
Here you can find a collection of my PowerShell scripts and modules. Have fun with it!
#windows
#ps
Here you can find a collection of my PowerShell scripts and modules. Have fun with it!
#windows
#ps
SID-500.COM
Downloads
Welcome to the downloads section! Here you can find a collection of my PowerShell scripts and modules. Active Directory Domain Services Section (1.1) AD SectionDownload Alert me, if a DC is do…
Three New DDE Obfuscation Methods
https://blog.reversinglabs.com/blog/cvs-dde-exploits-and-obfuscation
#office
#windows
https://blog.reversinglabs.com/blog/cvs-dde-exploits-and-obfuscation
#office
#windows
ReversingLabs
Three New DDE Obfuscation Methods
Cisco Talos and ReversingLabs discover a new spam campaign spreading the Adwind 3.0 remote access tool (RAT), ReversingLabs details three new DDE obfuscation methods.
#Telegram Calling Feature Found Leaking both Your Private and Public IP Addresses
https://thehackernews.com/2018/09/hack-telegram-messenger.html
https://thehackernews.com/2018/09/hack-telegram-messenger.html
hiding-metasploit-shellcode-to-evade-windows-defender - the code :
https://github.com/phackt/stager.dll
https://github.com/phackt/stager.dll
GitHub
GitHub - phackt/stager.dll: Code from this article: https://blog.rapid7.com/2018/05/03/hiding-metasploit-shellcode-to-evade-windows…
Code from this article: https://blog.rapid7.com/2018/05/03/hiding-metasploit-shellcode-to-evade-windows-defender/ - phackt/stager.dll
PowerShell Obfuscation Using SecureString https://bit.ly/2p2m0x5
#infosec #security #PowerShell #malware
#infosec #security #PowerShell #malware
molten - A minimal, extensible, fast and productive framework for building HTTP APIs with Python 3.6 and later.
https://github.com/Bogdanp/molten
https://github.com/Bogdanp/molten
GitHub
GitHub - Bogdanp/molten: A minimal, extensible, fast and productive framework for building HTTP APIs with Python 3.6 and later.
A minimal, extensible, fast and productive framework for building HTTP APIs with Python 3.6 and later. - Bogdanp/molten
TIDoS Framework
The Offensive Web Application Penetration Testing Framework.
https://github.com/theInfectedDrake/TIDoS-Framework
#web
#pentest
The Offensive Web Application Penetration Testing Framework.
https://github.com/theInfectedDrake/TIDoS-Framework
#web
#pentest
Hackers Can Stealthily Avoid Traps Set to Defend the Cloud
https://www.wired.com/story/aws-honeytoken-hackers-avoid/
#cloud
https://www.wired.com/story/aws-honeytoken-hackers-avoid/
#cloud
WIRED
Hackers Can Stealthily Avoid Traps Set to Defend the Cloud
In the cat and mouse game of protecting cloud services, attackers find a sneaky advantage.