Hardening Microsoft Windows 10 version 1709 Workstations
https://acsc.gov.au/publications/protect/Hardening_Win10.pdf
What the HELK? SIGMA integration via Elastalert
https://posts.specterops.io/what-the-helk-sigma-integration-via-elastalert-6edf1715b02
Offline Attacks on Active Directory
https://www.dsinternals.com/wp-content/uploads/HIP_AD_Offline_Attacks.pdf
PowerShell Strict Mode http://bit.ly/2Cw8BXE #PowerShell
devblackops.io
Customized PSExec via Reflective DLL
https://ijustwannared.team/2018/07/13/customized-psexec-via-reflective-dll/
Elevating AD Domain Access With Write Access on the Domain NC Head
https://sdmsoftware.com/group-policy-blog/security-policy/elevating-ad-domain-access-with-write-access-on-the-domain-nc-head/
Forwarded from امنیت اطلاعات
Gerix WiFi Cracker 2018
https://github.com/kimocoder/gerix-wifi-cracker
#wifi
#network
#pentest
@sec_nerd
evil-ssdp. Spoof SSDP replies to phish for NTLM hashes on a network
https://gitlab.com/initstring/evil-ssdp
Spoof SSDP replies to phish for credentials and NetNTLM challenge/response. Creates a fake UPNP device, tricking users into visiting a malicious phishing page. Also detects and exploits XXE...
A 9-step recipe to crack a NTLMv2 Hash from a freshly acquired .pcap
https://research.801labs.org/cracking-an-ntlmv2-hash/
Want to bypass Powershell/.Net AMSI, but don't want your bypass code to be inspected? .Net Profilers to the rescue! This nifty little feature allows you to inject a (native) dll into new .Net processes using an env variable.
https://github.com/djhohnstein/.NET-Profiler-DLL-Hijack
Implementation of the .NET Profiler DLL hijack in C# - djhohnstein/.NET-Profiler-DLL-Hijack
Windows Kernel Exploitation Tutorial
https://rootkits.xyz/blog/2017/06/kernel-setting-up/
https://rootkits.xyz/blog/2017/08/kernel-stack-overflow/
https://rootkits.xyz/blog/2017/09/kernel-write-what-where/
https://rootkits.xyz/blog/2017/11/kernel-pool-overflow/
https://rootkits.xyz/blog/2018/01/kernel-null-pointer-dereference/
https://rootkits.xyz/blog/2018/01/kernel-uninitialized-stack-variable/
https://rootkits.xyz/blog/2018/03/kernel-uninitialized-heap-variable/
https://rootkits.xyz/blog/2018/04/kernel-use-after-free/
@sec_nerd_en
Windows Kernel Exploitation Tutorial Part 1: Setting up the Environment - rootkit
Intro Recently, I had the pleasure to attend the training on Windows Kernel Exploitation at nullcon by the HackSysTeam. The training was well executed, and I got the intro into the world of kernel. But, as you know, nobody could teach you internals about…
netstat -lepunt # Show the TCP and UDP ports being listened on and if you're root, also show the process associated, user, etc.