I’ve been doing some crazy experiments on running an EXE as a DLL. Here are some parts of my research. Case #1 Let’s take a simple example like a MessageBox. [crayon-68f15dcfa8509788512837/] After …

Query-level race conditions can lead to serious but hard to find vulnerabilities in web applications.

I helped a colleague with a forensic analysis by extracting certificates from the Windows registry. In this blog post, we explain how to do this. The Windows registry contains binary blobs, contain…

Lateral movement is the process of moving from one compromised host to another. Penetration testers and red teamers alike commonly used to accomplish this by executing powershell.exe to run a base6…

netshell features all in version 2 powershell. Contribute to besimorhino/powercat development by creating an account on GitHub.

Confluence Server and Confluence Data Center Local File Disclosure(CVE-2019-3394) with Pocsuite3 by Knownsec 404 Team. https://www.seebug.org/vuldb/ssvid-98064

A cheatsheet with commands that can be used to perform kerberos attacks - kerberos_attacks_cheatsheet.md

Putting CVE-2019–15055 to Work

At least once a week I get on a rant about network segmentation. After all, it is one of the NSA Top Ten Cybersecurity Mitigation…

A Nmap XSL implementation with Bootstrap. Contribute to honze-net/nmap-bootstrap-xsl development by creating an account on GitHub.