Blind Command Injection Testing with Burp Collaborator
https://hk.saowen.com/a/2d57cca70a0fc0b21138211a1cb83e8c51af27b3dff57c3dbb51343549a39626
https://hk.saowen.com/a/2d57cca70a0fc0b21138211a1cb83e8c51af27b3dff57c3dbb51343549a39626
Information Security
Photo
SwampThing
SwampThing lets you to spoof process command line args (x32/64). Essentially you create a process in a suspended state, rewrite the PEB, resume and finally revert the PEB. The end result is that logging infrastructure will record the fake command line args instead of the real ones. Think for example about launching a wmic xsl stylesheet for code execution but faking an innocuous wmic command.
https://github.com/FuzzySecurity/Sharp-Suite
SwampThing lets you to spoof process command line args (x32/64). Essentially you create a process in a suspended state, rewrite the PEB, resume and finally revert the PEB. The end result is that logging infrastructure will record the fake command line args instead of the real ones. Think for example about launching a wmic xsl stylesheet for code execution but faking an innocuous wmic command.
https://github.com/FuzzySecurity/Sharp-Suite
GitHub
GitHub - FuzzySecurity/Sharp-Suite: Also known by Microsoft as Knifecoat :hot_pepper:
Also known by Microsoft as Knifecoat :hot_pepper:. Contribute to FuzzySecurity/Sharp-Suite development by creating an account on GitHub.
Pwning computers using Telegram bot API
https://0x00-0x00.github.io/tools/2018/12/10/Pwning-Computers-using-Telegram-bot-API.html
https://0x00-0x00.github.io/tools/2018/12/10/Pwning-Computers-using-Telegram-bot-API.html
From blind XXE to root-level file read access
https://www.honoki.net/2018/12/from-blind-xxe-to-root-level-file-read-access/
https://www.honoki.net/2018/12/from-blind-xxe-to-root-level-file-read-access/
flare-emu
flare-emu marries IDA Pro’s binary analysis capabilities with Unicorn’s emulation framework to provide the user with an easy to use and flexible interface for scripting emulation tasks.
https://github.com/fireeye/flare-emu
flare-emu marries IDA Pro’s binary analysis capabilities with Unicorn’s emulation framework to provide the user with an easy to use and flexible interface for scripting emulation tasks.
https://github.com/fireeye/flare-emu
Office VBA + AMSI: Parting the veil on malicious macros
https://cloudblogs.microsoft.com/microsoftsecure/2018/09/12/office-vba-amsi-parting-the-veil-on-malicious-macros/
https://cloudblogs.microsoft.com/microsoftsecure/2018/09/12/office-vba-amsi-parting-the-veil-on-malicious-macros/
Hardening Microsoft Windows 10 version 1709 Workstations
https://acsc.gov.au/publications/protect/Hardening_Win10.pdf
https://acsc.gov.au/publications/protect/Hardening_Win10.pdf
What the HELK? SIGMA integration via Elastalert
https://posts.specterops.io/what-the-helk-sigma-integration-via-elastalert-6edf1715b02
https://posts.specterops.io/what-the-helk-sigma-integration-via-elastalert-6edf1715b02
Offline Attacks on Active Directory
https://www.dsinternals.com/wp-content/uploads/HIP_AD_Offline_Attacks.pdf
https://www.dsinternals.com/wp-content/uploads/HIP_AD_Offline_Attacks.pdf
PowerShell Strict Mode http://bit.ly/2Cw8BXE #PowerShell
devblackops.io
PowerShell Strict Mode
Customized PSExec via Reflective DLL
https://ijustwannared.team/2018/07/13/customized-psexec-via-reflective-dll/
https://ijustwannared.team/2018/07/13/customized-psexec-via-reflective-dll/
Elevating AD Domain Access With Write Access on the Domain NC Head
https://sdmsoftware.com/group-policy-blog/security-policy/elevating-ad-domain-access-with-write-access-on-the-domain-nc-head/
https://sdmsoftware.com/group-policy-blog/security-policy/elevating-ad-domain-access-with-write-access-on-the-domain-nc-head/