Introduction

A malware similar in nature to Stuxnet but more aggressive and sophisticated allegedly hit the infrastructure and strategic networks in Iran.

There are many ways an attacker can gain Domain Admin rights in Active Directory. This post is meant to describe some of the more popular ones in current use. The techniques described here "assume breach" where an attacker already has a foothold on an internal…

Lateral Movement Technique Description

Iptables Essentials: Common Firewall Rules and Commands. - trimstray/iptables-essentials

When I’m on an engagement and I’m given a SOE and a domain account, I usually want to use a tool like PowerShell Empire to remotely…

Tool to make in memory man in the middle. Contribute to AMOSSYS/MemITM development by creating an account on GitHub.

Introduction extremely a splendid Invoke-Confusion is collections of modules Powershell inclusive some researches the modern between them .NET Reflection. Assembly, however, It contains aspects of …

For those who also face the Linux-to-Windows PowerShell struggle: I created a Docker image & blog post on how to use PowerShell remoting from a Linux client to a Windows target (post-exploitation, living off the land) https://t.co/x1zAEpVtOO

The following paper documents a possible PE file infection technique which covers a high level overview and the low level code of how both the infection and the resulting payload is executed. Please note that some of the following material may not be suited…

Introduction It has been more than a year since I published the concept of infecting an executable with shellcode here and recently I have been motivated to develop another PoC which follows the same path but at a more advanced level combining knowledge and…

A C# penetration testing tool to discover low-haning web fruit via web requests. - rvrsh3ll/SharpFruit