a new metasploit post module for gathering information stored by #git. Pillage credentials, SSH keys, and locate internal git services for lateral moves.
https://bit.ly/2xFKIbe
#msf
https://bit.ly/2xFKIbe
#msf
ScriptBlock based functionnal AMSI bypass PoC tested today on a freshly updated #Windows10
https://pastebin.com/raw/iFVpKim5
https://github.com/kmkz/Pentesting/blob/master/Pentest-cheat-sheet
https://pastebin.com/raw/iFVpKim5
https://github.com/kmkz/Pentesting/blob/master/Pentest-cheat-sheet
Windows 10 Updates from September 2018 vs. Metasploit - Some fun with Windows Defender and Mimikatz
https://www.youtube.com/watch?v=cq-tgcmMHXU&feature=youtu.be
#windows
https://www.youtube.com/watch?v=cq-tgcmMHXU&feature=youtu.be
#windows
YouTube
Windows 10 dpdate from September 2018 vs. Metasploit
Windows 10 x86_64 ver 10..0.17134.286 build vs. Metasploit
Local policies restrictions/Defender/#AMSI bypass using WMI and p0wnedShell + Meterpreter session
https://cobbr.io/ScriptBlock-Logging-Bypass.html
https://cobbr.io/ScriptBlock-Logging-Bypass.html
Password Tips from a Pen Tester: Are 12-Character Passwords Really Stronger, or Just a Dime a Dozen?
https://blog.rapid7.com/2018/09/26/password-tips-from-a-pen-tester-are-12-character-passwords-really-stronger-or-just-a-dime-a-dozen/
#msf
https://blog.rapid7.com/2018/09/26/password-tips-from-a-pen-tester-are-12-character-passwords-really-stronger-or-just-a-dime-a-dozen/
#msf
Rapid7
[Research] Password Best Practices: 12- vs. 8-Character Limits | Rapid7 Blog
The most common passwords are a variation of company name and "password" and the season/year. But what happens if we boost the password length requirement?
#Formjacking attacks are on the rise, with the recent #Magecart attacks on several high-profile businesses. Symantec has blocked almost 250,000 formjacking attempts since mid-August.
symc.ly/2xBEBVw
symc.ly/2xBEBVw
Detecting Lateral Movements in Windows Infrastructure
http://cert.europa.eu/static/WhitePapers/CERT-EU_SWP_17-002_Lateral_Movements.pdf
#windows
#security
http://cert.europa.eu/static/WhitePapers/CERT-EU_SWP_17-002_Lateral_Movements.pdf
#windows
#security
https://sid-500.com/downloads/
Here you can find a collection of my PowerShell scripts and modules. Have fun with it!
#windows
#ps
Here you can find a collection of my PowerShell scripts and modules. Have fun with it!
#windows
#ps
SID-500.COM
Downloads
Welcome to the downloads section! Here you can find a collection of my PowerShell scripts and modules. Active Directory Domain Services Section (1.1) AD SectionDownload Alert me, if a DC is do…
Three New DDE Obfuscation Methods
https://blog.reversinglabs.com/blog/cvs-dde-exploits-and-obfuscation
#office
#windows
https://blog.reversinglabs.com/blog/cvs-dde-exploits-and-obfuscation
#office
#windows
ReversingLabs
Three New DDE Obfuscation Methods
Cisco Talos and ReversingLabs discover a new spam campaign spreading the Adwind 3.0 remote access tool (RAT), ReversingLabs details three new DDE obfuscation methods.
#Telegram Calling Feature Found Leaking both Your Private and Public IP Addresses
https://thehackernews.com/2018/09/hack-telegram-messenger.html
https://thehackernews.com/2018/09/hack-telegram-messenger.html
hiding-metasploit-shellcode-to-evade-windows-defender - the code :
https://github.com/phackt/stager.dll
https://github.com/phackt/stager.dll
GitHub
GitHub - phackt/stager.dll: Code from this article: https://blog.rapid7.com/2018/05/03/hiding-metasploit-shellcode-to-evade-windows…
Code from this article: https://blog.rapid7.com/2018/05/03/hiding-metasploit-shellcode-to-evade-windows-defender/ - phackt/stager.dll