Forwarded from امنیت اطلاعات
Lateral Movement Using internetexplorer.Application Object ( COM )
https://homjxi0e.wordpress.com/2018/02/15/lateral-movement-using-internetexplorer-application-object-com/
https://homjxi0e.wordpress.com/2018/02/15/lateral-movement-using-internetexplorer-application-object-com/
automato.rb
automato uses native LDAP libraries to automate the collection and enumeration of various directory objects. This is incredibly useful during an internal penetration test.
automato can also conduct password spraying attacks, and identify if a user is a local administrator against any number of systems.
https://github.com/skahwah/automato
automato uses native LDAP libraries to automate the collection and enumeration of various directory objects. This is incredibly useful during an internal penetration test.
automato can also conduct password spraying attacks, and identify if a user is a local administrator against any number of systems.
https://github.com/skahwah/automato
GitHub
GitHub - skahwah/automato: automato should help with automating some of the user-focused enumeration tasks during an internal penetration…
automato should help with automating some of the user-focused enumeration tasks during an internal penetration test. - skahwah/automato
Injecting Code into Windows Protected Processes using COM - Part 2
https://googleprojectzero.blogspot.com/2018/11/injecting-code-into-windows-protected.html
https://googleprojectzero.blogspot.com/2018/11/injecting-code-into-windows-protected.html
Blogspot
Injecting Code into Windows Protected Processes using COM - Part 2
Posted by James Forshaw, Project Zero In my previous blog I discussed a technique which combined numerous issues I’ve previously repor...
If you haven't played with the (relatively) new automated encoding detection feature, aka "Magic", in CyberChef, throw an encoded PowerShell script into it this weekend. https://buff.ly/2BJy8u5
Revealing software-breakpoints from memory [linux version]
https://www.matteomalvica.com/blog/2018/12/02/revealing-software-breakpoints/
https://www.matteomalvica.com/blog/2018/12/02/revealing-software-breakpoints/
Three New DDE Obfuscation Methods
https://blog.reversinglabs.com/blog/cvs-dde-exploits-and-obfuscation
https://blog.reversinglabs.com/blog/cvs-dde-exploits-and-obfuscation
ReversingLabs
Three New DDE Obfuscation Methods
Cisco Talos and ReversingLabs discover a new spam campaign spreading the Adwind 3.0 remote access tool (RAT), ReversingLabs details three new DDE obfuscation methods.
DCOMrade. Powershell script for enumerating vulnerable DCOM Applications
https://github.com/sud0woodo/DCOMrade
https://github.com/sud0woodo/DCOMrade
GitHub
GitHub - sud0woodo/DCOMrade: Powershell script for enumerating vulnerable DCOM Applications
Powershell script for enumerating vulnerable DCOM Applications - sud0woodo/DCOMrade
Feature, not bug: DNSAdmin to DC compromise in one line
https://medium.com/@esnesenon/feature-not-bug-dnsadmin-to-dc-compromise-in-one-line-a0f779b8dc83
https://medium.com/@esnesenon/feature-not-bug-dnsadmin-to-dc-compromise-in-one-line-a0f779b8dc83
Medium
Feature, not bug: DNSAdmin to DC compromise in one line
Background
Capturing Screenshots with PowerShell and .NET
https://www.pdq.com/blog/capturing-screenshots-with-powershell-and-net/
https://www.pdq.com/blog/capturing-screenshots-with-powershell-and-net/
Pdq
How to take a screenshot with PowerShell | PDQ
Tired of using the same old tools to capture your screenshots? Discover how to take local and remote screenshots using PowerShell and impress all your techy friends.
RCE in Hubspot with EL injection in HubL
https://www.betterhacker.com/2018/12/rce-in-hubspot-with-el-injection-in-hubl.html
https://www.betterhacker.com/2018/12/rce-in-hubspot-with-el-injection-in-hubl.html
Betterhacker
RCE in Hubspot with EL injection in HubL
This is the story of how I was able to get remote code execution on Hubspot 's servers by exploiting a vulnerability in HubL expression la...
A collection of infrastructure related tests for use with #Pester & #PowerShell.
https://github.com/EvotecIT/PesterInfrastructureTests
https://github.com/EvotecIT/PesterInfrastructureTests
GitHub
EvotecIT/PesterInfrastructureTests
A collection of infrastructure related tests for use with Pester & PowerShell. - EvotecIT/PesterInfrastructureTests
Exploitation: XML External Entity (XXE) Injection
https://depthsecurity.com/blog/exploitation-xml-external-entity-xxe-injection
https://depthsecurity.com/blog/exploitation-xml-external-entity-xxe-injection