ADCS: Playing with ESC4
Enumeration and abuse of Linux-based ADCS ESC4
Research:
https://www.fortalicesolutions.com/posts/adcs-playing-with-esc4
Source:
https://github.com/fortalice/modifyCertTemplate
#adcs #abuse #pentest #tools
Enumeration and abuse of Linux-based ADCS ESC4
Research:
https://www.fortalicesolutions.com/posts/adcs-playing-with-esc4
Source:
https://github.com/fortalice/modifyCertTemplate
#adcs #abuse #pentest #tools
Phishing With Spoofed Cloud Attachments
This article looks at how you can abuse the cloud attachment feature on O365 to make executables (or any other file types) appear as harmless attachments.
https://mrd0x.com/phishing-o365-spoofed-cloud-attachments/
#phishing #O365 #abuse
This article looks at how you can abuse the cloud attachment feature on O365 to make executables (or any other file types) appear as harmless attachments.
https://mrd0x.com/phishing-o365-spoofed-cloud-attachments/
#phishing #O365 #abuse
👍1
Domain Domination With Windows Shortcuts
This article on malicious shortcut files and how they can be leveraged to capture NTLM hashes quietly and dominate a network or domain.
https://medium.com/cybersecpadawan/domain-domination-with-windows-shortcuts-6aab1d72b793
#shortcuts #lnk #abuse #windows
This article on malicious shortcut files and how they can be leveraged to capture NTLM hashes quietly and dominate a network or domain.
https://medium.com/cybersecpadawan/domain-domination-with-windows-shortcuts-6aab1d72b793
#shortcuts #lnk #abuse #windows
Medium
Domain Domination With Windows Shortcuts
Wait, what? How?
👍3
Certipy 2.0: BloodHound, New Escalations, Shadow Credentials, Golden Certificates, and more!
Blog:
https://research.ifcr.dk/certipy-2-0-bloodhound-new-escalations-shadow-credentials-golden-certificates-and-more-34d1c26f0dc6
Tool:
https://github.com/ly4k/Certipy
#ad #adcs #abuse #tools
Blog:
https://research.ifcr.dk/certipy-2-0-bloodhound-new-escalations-shadow-credentials-golden-certificates-and-more-34d1c26f0dc6
Tool:
https://github.com/ly4k/Certipy
#ad #adcs #abuse #tools
Medium
Certipy 2.0: BloodHound, New Escalations, Shadow Credentials, Golden Certificates, and more!
As the title states, the latest release of Certipy contains many new features, techniques and improvements. This blog post dives into the…
DNS Abuse & Misconfiguration
The History of DNS Vulnerabilities and the Cloud
https://unit42.paloaltonetworks.com/dns-vulnerabilities/
Dangling Domains: Security Threats, Detection and Prevalence
https://unit42.paloaltonetworks.com/dangling-domains/
Fishing the AWS IP Pool for Dangling Domains
https://bishopfox.com/blog/fishing-the-aws-ip-pool-for-dangling-domains
Respect My Authority – Hijacking Broken Nameservers to Compromise Your Target
https://thehackerblog.com/respect-my-authority-hijacking-broken-nameservers-to-compromise-your-target/
The Orphaned Internet – Taking Over 120K Domains via a DNS Vulnerability in AWS, Google Cloud, Rackspace and Digital Ocean
https://thehackerblog.com/the-orphaned-internet-taking-over-120k-domains-via-a-dns-vulnerability-in-aws-google-cloud-rackspace-and-digital-ocean/
The .io Error – Taking Control of All .io Domains With a Targeted Registration
https://thehackerblog.com/the-io-error-taking-control-of-all-io-domains-with-a-targeted-registration/
The International Incident – Gaining Control of a .int Domain Name With DNS Trickery
https://thehackerblog.com/the-international-incident-gaining-control-of-a-int-domain-name-with-dns-trickery/
Hostile Subdomain Takeover using Heroku/Github/Desk + more
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Dangling DNS: Amazon EC2 IPs
https://blog.melbadry9.xyz/dangling-dns/aws/ddns-ec2-current-state
Eliminating Dangling Elastic IP Takeovers with Ghostbuster
https://blog.assetnote.io/2022/02/13/dangling-eips/
Internet-Wide Analysis of Subdomain Takeovers
https://redhuntlabs.com/blog/project-resonance-wave-1.html
Subdomain Takeover
https://0xpatrik.com/subdomain-takeover-basics/
https://0xpatrik.com/subdomain-takeover-candidates/
https://0xpatrik.com/takeover-proofs/
https://0xpatrik.com/subdomain-takeover-ns/
https://0xpatrik.com/subdomain-takeover/
#dns #abuse #aws #elastic #subdomain #takeover
The History of DNS Vulnerabilities and the Cloud
https://unit42.paloaltonetworks.com/dns-vulnerabilities/
Dangling Domains: Security Threats, Detection and Prevalence
https://unit42.paloaltonetworks.com/dangling-domains/
Fishing the AWS IP Pool for Dangling Domains
https://bishopfox.com/blog/fishing-the-aws-ip-pool-for-dangling-domains
Respect My Authority – Hijacking Broken Nameservers to Compromise Your Target
https://thehackerblog.com/respect-my-authority-hijacking-broken-nameservers-to-compromise-your-target/
The Orphaned Internet – Taking Over 120K Domains via a DNS Vulnerability in AWS, Google Cloud, Rackspace and Digital Ocean
https://thehackerblog.com/the-orphaned-internet-taking-over-120k-domains-via-a-dns-vulnerability-in-aws-google-cloud-rackspace-and-digital-ocean/
The .io Error – Taking Control of All .io Domains With a Targeted Registration
https://thehackerblog.com/the-io-error-taking-control-of-all-io-domains-with-a-targeted-registration/
The International Incident – Gaining Control of a .int Domain Name With DNS Trickery
https://thehackerblog.com/the-international-incident-gaining-control-of-a-int-domain-name-with-dns-trickery/
Hostile Subdomain Takeover using Heroku/Github/Desk + more
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Dangling DNS: Amazon EC2 IPs
https://blog.melbadry9.xyz/dangling-dns/aws/ddns-ec2-current-state
Eliminating Dangling Elastic IP Takeovers with Ghostbuster
https://blog.assetnote.io/2022/02/13/dangling-eips/
Internet-Wide Analysis of Subdomain Takeovers
https://redhuntlabs.com/blog/project-resonance-wave-1.html
Subdomain Takeover
https://0xpatrik.com/subdomain-takeover-basics/
https://0xpatrik.com/subdomain-takeover-candidates/
https://0xpatrik.com/takeover-proofs/
https://0xpatrik.com/subdomain-takeover-ns/
https://0xpatrik.com/subdomain-takeover/
#dns #abuse #aws #elastic #subdomain #takeover
👍1🔥1
📜 Abusing Code Signing Certificates
Abusing code signing certificates is not new. In the past few years alone, it has proven to be an effective method of bypassing certain security controls to allow malicious software to run and look seemingly benign. This article describes code signing methods, as well as tools for copying the signature from legitimate PE files.
Source:
https://axelarator.github.io/posts/codesigningcerts/
#sign #code #certificate #abuse #redteam
Abusing code signing certificates is not new. In the past few years alone, it has proven to be an effective method of bypassing certain security controls to allow malicious software to run and look seemingly benign. This article describes code signing methods, as well as tools for copying the signature from legitimate PE files.
Source:
https://axelarator.github.io/posts/codesigningcerts/
#sign #code #certificate #abuse #redteam
🔥5👍2
🔥3