Hello again. In my previous posts I detailed how to manually get SYSTEM shell from Local Administrators users. That’s interesting but very late game during a penetration assessment as it is presumed that you already owned the target machine.

In this post I wanted to look at a technique which is by no means new to .NET developers, but may prove useful to redteamers crafting their tools... exporting .NET static methods within a DLL... AKA using RunDLL32 to launch your .NET assembly.

Symantec uncovers tool used by Lazarus to carry out ATM attacks.

Expectations v/s Reality 👨‍💻

This article is about Post Exploitation using the WMIC (Windows Management Instrumentation Command Line). When an Attacker gains a meterpreter session on a Remote PC,

byt3bl33d3r, /dev/random > blog.py

Hello Everyone,

Hide your Powershell script in plain sight. Bypass all Powershell security features - OmerYa/Invisi-Shell

Background

Automated deployment of Windows and Active Directory test lab networks. Useful for red and blue teams. - outflanknl/Invoke-ADLabDeployer

#CVE-2018-14667 RichFaces Framework 3.X through 3.3.4 Expression Language (EL) injection CC:@joaomatosf nice 👍 https://t.co/sSG7Vb7f6s

The following blog post introduces a new lateral movement technique that combines the power of DCOM and HTA. The research on this t...

Bypassing disabled exec functions in PHP (c) CRLF. Contribute to Bo0oM/PHP_imap_open_exploit development by creating an account on GitHub.