π [ 0xdf_, 0xdf ]
Timing from @hackthebox_eu had LFI, directory traversal, a side channel/timing attack, a mass assignment vulnerability, LFI+upload = RCE, and a custom downloader to exploit, all on the way to root.
https://t.co/QHYKm3OnLU
π https://0xdf.gitlab.io/2022/06/04/htb-timing.html
π₯ [ tweet ]
Timing from @hackthebox_eu had LFI, directory traversal, a side channel/timing attack, a mass assignment vulnerability, LFI+upload = RCE, and a custom downloader to exploit, all on the way to root.
https://t.co/QHYKm3OnLU
π https://0xdf.gitlab.io/2022/06/04/htb-timing.html
π₯ [ tweet ]
π [ hackinarticles, Hacking Articles ]
Process Ghosting Attack
https://t.co/DCcAxkRjDQ
#infosec #cybersecurity #cybersecuritytips #pentesting #oscp #redteam #informationsecurity #cissp #CyberSec #networking #networksecurity #CheatSheet #cyberattacks #security #vulnerabilities
π https://www.hackingarticles.in/process-ghosting-attack/
π₯ [ tweet ]
Process Ghosting Attack
https://t.co/DCcAxkRjDQ
#infosec #cybersecurity #cybersecuritytips #pentesting #oscp #redteam #informationsecurity #cissp #CyberSec #networking #networksecurity #CheatSheet #cyberattacks #security #vulnerabilities
π https://www.hackingarticles.in/process-ghosting-attack/
π₯ [ tweet ]
π [ hackinarticles, Hacking Articles ]
Powercat for Pentester
https://t.co/irffdvbILa
#infosec #cybersecurity #cybersecuritytips #pentesting #oscp #redteam #informationsecurity #cissp #CyberSec #networking #networksecurity #CheatSheet #cyberattacks #security #vulnerabilities
π https://www.hackingarticles.in/powercat-for-pentester/
π₯ [ tweet ]
Powercat for Pentester
https://t.co/irffdvbILa
#infosec #cybersecurity #cybersecuritytips #pentesting #oscp #redteam #informationsecurity #cissp #CyberSec #networking #networksecurity #CheatSheet #cyberattacks #security #vulnerabilities
π https://www.hackingarticles.in/powercat-for-pentester/
π₯ [ tweet ]
π [ m3g9tr0n, Spiros Fraganastasis ]
Administrative tools and logon types
https://t.co/jGi99iBpvO
π https://docs.microsoft.com/en-us/windows-server/identity/securing-privileged-access/reference-tools-logon-types
π₯ [ tweet ]
Administrative tools and logon types
https://t.co/jGi99iBpvO
π https://docs.microsoft.com/en-us/windows-server/identity/securing-privileged-access/reference-tools-logon-types
π₯ [ tweet ]
π₯1
π [ c3rb3ru5d3d53c, ΟΞ΅ΡΞ²Ξ΅ΡΞΌs - ΠΌΞ±βΟΞ±ΡΞ΅ ΡΞ΅sΡαΡΟΠ½Ξ΅Ρ ]
#Suricata #Signature for Confluence CVE-2022-26134 #exploit #poc
ATTACK Potential URI Template Injection
https://t.co/8mVZhciNqF
π https://github.com/c3rb3ru5d3d53c/signatures/blob/master/signatures/attack/injection/template/template.suricata-6.0.5.rules
π₯ [ tweet ]
#Suricata #Signature for Confluence CVE-2022-26134 #exploit #poc
ATTACK Potential URI Template Injection
https://t.co/8mVZhciNqF
π https://github.com/c3rb3ru5d3d53c/signatures/blob/master/signatures/attack/injection/template/template.suricata-6.0.5.rules
π₯ [ tweet ]
π [ an0n_r0, an0n ]
storing creds for a runas-like utility in a saved config file is a security mistake, even if the tool offers "seriously obfuscated encrypted" files. all we need is just hooking CreateProcessWithLogonW (hello to @fridadotre) and no worries about reversing proprietary encryptions.
π https://gist.github.com/tothi/dd3bdd5d9f88ffcd32be15b2ce480aa6
π₯ [ tweet ]
storing creds for a runas-like utility in a saved config file is a security mistake, even if the tool offers "seriously obfuscated encrypted" files. all we need is just hooking CreateProcessWithLogonW (hello to @fridadotre) and no worries about reversing proprietary encryptions.
π https://gist.github.com/tothi/dd3bdd5d9f88ffcd32be15b2ce480aa6
π₯ [ tweet ]
π [ m3g9tr0n, Spiros Fraganastasis ]
Exploring data saved by Chrome/Edge/Any Chromium
https://t.co/5zAXvnmsa9 #dpapi
π https://gist.github.com/jhoneill/e585bae781f3efa7ac1992b79e037713
π₯ [ tweet ]
Exploring data saved by Chrome/Edge/Any Chromium
https://t.co/5zAXvnmsa9 #dpapi
π https://gist.github.com/jhoneill/e585bae781f3efa7ac1992b79e037713
π₯ [ tweet ]
π2
π [ NinjaParanoid, Paranoid Ninja (Brute Ratel C4) ]
Hunting alertable threads for QAPC on existing processes, rop-gadgets, Stagers and start address spoofing for the upcoming BRc4 v1.1 release...
https://t.co/5GH2Nwnp74
π https://www.youtube.com/watch?v=w8ictUBcCrM
π₯ [ tweet ]
Hunting alertable threads for QAPC on existing processes, rop-gadgets, Stagers and start address spoofing for the upcoming BRc4 v1.1 release...
https://t.co/5GH2Nwnp74
π https://www.youtube.com/watch?v=w8ictUBcCrM
π₯ [ tweet ]
π [ DirectoryRanger, DirectoryRanger ]
O365-Doppelganger. script to harvest credentials off of a user during a Red Team and get execution of a file from the user
https://t.co/0CpScve1sn
π https://github.com/paranoidninja/O365-Doppelganger
π₯ [ tweet ]
O365-Doppelganger. script to harvest credentials off of a user during a Red Team and get execution of a file from the user
https://t.co/0CpScve1sn
π https://github.com/paranoidninja/O365-Doppelganger
π₯ [ tweet ]
π1
π [ m3g9tr0n, Spiros Fraganastasis ]
Active Directory delegations inventory in Rust
https://t.co/qOoTA6X4yi
π https://github.com/mtth-bfft/adeleg
π₯ [ tweet ]
Active Directory delegations inventory in Rust
https://t.co/qOoTA6X4yi
π https://github.com/mtth-bfft/adeleg
π₯ [ tweet ]
π [ hackinarticles, Hacking Articles ]
MITRE ATT&CK: Initial Access
Credit https://t.co/wtfCJx9CMi
#infosec #cybersecurity #cybersecuritytips #pentesting #oscp #redteam #informationsecurity #cissp #CyberSec #networking #networksecurity #CheatSheet #cyberattacks #security #vulnerabilities
π https://github.com/JPMinty/MindMaps/tree/master/MITRE%20ATT%26CK/PNG
π₯ [ tweet ]
MITRE ATT&CK: Initial Access
Credit https://t.co/wtfCJx9CMi
#infosec #cybersecurity #cybersecuritytips #pentesting #oscp #redteam #informationsecurity #cissp #CyberSec #networking #networksecurity #CheatSheet #cyberattacks #security #vulnerabilities
π https://github.com/JPMinty/MindMaps/tree/master/MITRE%20ATT%26CK/PNG
π₯ [ tweet ]
π [ Tarlogic, Tarlogic ]
Vulnerability CVE-2022-26134 has compromised Atlassian @Confluence servers and data centers and, along the way, the security of a multitude of companies. Our colleague @TuLkHaXs analyzes the scale of the incident and how to neutralize it π
https://t.co/6k6ILkif0i
π https://www.tarlogic.com/blog/cve-2022-26134-zero-day-vulnerability-affecting-atlassian-confluence/
π₯ [ tweet ]
Vulnerability CVE-2022-26134 has compromised Atlassian @Confluence servers and data centers and, along the way, the security of a multitude of companies. Our colleague @TuLkHaXs analyzes the scale of the incident and how to neutralize it π
https://t.co/6k6ILkif0i
π https://www.tarlogic.com/blog/cve-2022-26134-zero-day-vulnerability-affecting-atlassian-confluence/
π₯ [ tweet ]
π [ ReconOne_, ReconOne ]
GitHub Recon in Manual mode - Part 3 - Database
credits: techgaun/github-dorks
#recon #recontips #github #AttackSurface #bugbountytips #reconone #Database #gitrecon
π₯ [ tweet ]
GitHub Recon in Manual mode - Part 3 - Database
credits: techgaun/github-dorks
#recon #recontips #github #AttackSurface #bugbountytips #reconone #Database #gitrecon
π₯ [ tweet ]
π [ ptswarm, PT SWARM ]
π¦₯ Everyone learned to run pip install colorama to exploit Atlassian Confluence RCE (CVE-2022-26134), so letβs see how the vulnerability works under the hood.
Here we show our simplified payload which demonstrates a workflow inside the vulnerable code ‡οΈ
π₯ [ tweet ]
π¦₯ Everyone learned to run pip install colorama to exploit Atlassian Confluence RCE (CVE-2022-26134), so letβs see how the vulnerability works under the hood.
Here we show our simplified payload which demonstrates a workflow inside the vulnerable code ‡οΈ
π₯ [ tweet ]
π [ _wald0, Andy Robbins ]
This week I'm publishing a 3 post series on #Azure Managed Identity attack paths. Here's part 1, where we are looking at Automation Accounts:
https://t.co/gZ6QjGw6CE
Prior work by @kfosaaen, @inversecos, https://t.co/Eb8grvTeOm, and @cibrax
π https://posts.specterops.io/82667d17187a
π http://azsec.azurewebsites.net
π₯ [ tweet ]
This week I'm publishing a 3 post series on #Azure Managed Identity attack paths. Here's part 1, where we are looking at Automation Accounts:
https://t.co/gZ6QjGw6CE
Prior work by @kfosaaen, @inversecos, https://t.co/Eb8grvTeOm, and @cibrax
π https://posts.specterops.io/82667d17187a
π http://azsec.azurewebsites.net
π₯ [ tweet ]
π [ _JohnHammond, John Hammond is @ RSAC ]
Active Directory content will slowly trickle out on my YouTube channel over the next many days. We will build a local VM environment, stage out our domain at will with PowerShell, and bounce back and forth between "building" and "breaking" AD concepts
https://t.co/jHw7lS1St6
π https://youtu.be/pKtDQtsubio
π₯ [ tweet ]
Active Directory content will slowly trickle out on my YouTube channel over the next many days. We will build a local VM environment, stage out our domain at will with PowerShell, and bounce back and forth between "building" and "breaking" AD concepts
https://t.co/jHw7lS1St6
π https://youtu.be/pKtDQtsubio
π₯ [ tweet ]
π [ DebugPrivilege, β’ ]
I can see that most people are familiar with AD and understand the enumeration piece of it through tools like PowerView, etc. However, how does this look from a code-level and network-level? My go-to tools are IDA and Wireshark to answer these types of questions.
π₯ [ tweet ]
I can see that most people are familiar with AD and understand the enumeration piece of it through tools like PowerView, etc. However, how does this look from a code-level and network-level? My go-to tools are IDA and Wireshark to answer these types of questions.
π₯ [ tweet ]
π [ ReconOne_, ReconOne ]
Want to scan for the TOP Exploited Vulnerabilities according to CISA? Try this π
Credits: @pdiscoveryio
#nuclei #CISA #attacksurface #recon #reconone #bugbountytips #recontips
π₯ [ tweet ]
Want to scan for the TOP Exploited Vulnerabilities according to CISA? Try this π
Credits: @pdiscoveryio
#nuclei #CISA #attacksurface #recon #reconone #bugbountytips #recontips
π₯ [ tweet ]
π [ SagieSec, Sagie Dulce ]
#RPCFirewall version 2.0 is out!
Watch this tutorial that shows how to set it up, and start protecting against various RPC attacks : #petitpotam, #psexec, #dcsync, #wmic and more...
New features:
βοΈ Support RPC Filters.
βοΈ RPC Firewall as a service
βοΈ Monitor & protect new processes
βοΈ "Status" command for detailed deployment info
βοΈ Better resolution of source host and port
π https://youtu.be/BNzfmYwkioY
π https://github.com/zeronetworks/rpcfirewall
π₯ [ tweet ]
#RPCFirewall version 2.0 is out!
Watch this tutorial that shows how to set it up, and start protecting against various RPC attacks : #petitpotam, #psexec, #dcsync, #wmic and more...
New features:
βοΈ Support RPC Filters.
βοΈ RPC Firewall as a service
βοΈ Monitor & protect new processes
βοΈ "Status" command for detailed deployment info
βοΈ Better resolution of source host and port
π https://youtu.be/BNzfmYwkioY
π https://github.com/zeronetworks/rpcfirewall
π₯ [ tweet ]
π [ DebugPrivilege, β’ ]
Alert when a group is added to a sensitive Active Directory group https://t.co/2oJmjthu8G
π https://techcommunity.microsoft.com/t5/security-compliance-and-identity/alert-when-a-group-is-added-to-a-sensitive-active-directory/ba-p/3436868
π₯ [ tweet ]
Alert when a group is added to a sensitive Active Directory group https://t.co/2oJmjthu8G
π https://techcommunity.microsoft.com/t5/security-compliance-and-identity/alert-when-a-group-is-added-to-a-sensitive-active-directory/ba-p/3436868
π₯ [ tweet ]
π₯1