Contribute to beahunt3r/Windows-Hunting development by creating an account on GitHub.

A list of files / paths to probe when arbitrary files can be read on a Microsoft Windows operating system - soffensive/windowsblindread

Inside "Hacker Factory" of training center dubbed "Eureka" or "Эврика" engaged in training future hackers among the employees of special services of Russia. Trained by employees of GRU military unit No. 26165 #GRU #Russia #APT28

LAPS Overview: LAPS (Local Administrator Password Solution) is a tool for managing local administrator passwords for domain joined computers. It stores passwords/secrets in a confidential attribute…

The Cobalt Strike Blog. Read new featured content, get updates on the latest patches, and insights into the future of red teaming tools.

SMB Relay has been around for a long while. I even have a post about using it along with LNK files here:
MS08-068 + MS10-046 = Fun until 2018
Here is the problem though. Most of the tools to exploit it either catch the authentication in NTLMv2/NTLMv1 (which…

Slides from my Track X Thotcon 2018 Workshop entitled:

"Fun with LDAP, Kerberos (and MSRPC) in AD Environments"

If you want the embedded Gifs/Vide…

CMSTP is a binary which is associated with the Microsoft Connection Manager Profile Installer. It accepts INF files which can be weaponised with malicious commands in order to execute arbitrary cod…

Application Security for the AI Era | Veracode

Skype Android Authentication Bypass

Florian Kunushevci
https://www.linkedin.com/in/floriankunushevci/

https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-0622

The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics. - sh4hin/MobileApp-Pentest-Cheatsheet

In this Post, we will be discussing on SMTP log poisoning. But before getting in details, kindly read our previous articles for “SMTP Lab Set-Up”