Forwarded from PT SWARM
RCE on a backend IIS server via file upload with an atypical file extension.
More community curated payloads can be found at https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Upload%20Insecure%20Files/Extension%20ASP
More community curated payloads can be found at https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Upload%20Insecure%20Files/Extension%20ASP
🔥OWASP Top 10 2021 DRAFT is out 🔥
Now available for peer review, comment, translation, and suggestions for improvements:
owasp.org/Top10/
#OWASPTop10
Now available for peer review, comment, translation, and suggestions for improvements:
owasp.org/Top10/
#OWASPTop10
APT
https://twitter.com/buffaloverflow/status/1435596990650503168?s=21 #0day #office
Twitter
Felix
🙋Having a hard time replicating Office samples exploiting CVE-2021-40444 (MSHTML Remote Code Execution Vulnerability) because the server side component is taken down? ⚙️Imaginary C2 got you covered, it allows to easily simulate the server side component:…
Active Directory Pentest Mindmap
# https://github.com/Orange-Cyberdefense/arsenal/raw/master/mindmap/pentest_ad.png
# https://www.xmind.net/m/5dypm8/
UPD (12.11.2021):
https://raw.githubusercontent.com/Orange-Cyberdefense/arsenal/master/mindmap/pentest_ad.png
UPD (10.11.2022):
https://orange-cyberdefense.github.io/ocd-mindmaps/img/pentest_ad_dark_2022_11.svg
#mindmap #ad #pentest
# https://github.com/Orange-Cyberdefense/arsenal/raw/master/mindmap/pentest_ad.png
# https://www.xmind.net/m/5dypm8/
UPD (12.11.2021):
https://raw.githubusercontent.com/Orange-Cyberdefense/arsenal/master/mindmap/pentest_ad.png
UPD (10.11.2022):
https://orange-cyberdefense.github.io/ocd-mindmaps/img/pentest_ad_dark_2022_11.svg
#mindmap #ad #pentest
🔥1
Karma v2
Passive Open Source Intelligence Automated Reconnaissance Framework
https://github.com/Dheerajmadhukar/karma_v2
#osint #recon
Passive Open Source Intelligence Automated Reconnaissance Framework
https://github.com/Dheerajmadhukar/karma_v2
#osint #recon
GitHub
GitHub - Dheerajmadhukar/karma_v2: ⡷⠂𝚔𝚊𝚛𝚖𝚊 𝚟𝟸⠐⢾ is a Passive Open Source Intelligence (OSINT) Automated Reconnaissance (framework)
⡷⠂𝚔𝚊𝚛𝚖𝚊 𝚟𝟸⠐⢾ is a Passive Open Source Intelligence (OSINT) Automated Reconnaissance (framework) - Dheerajmadhukar/karma_v2
Kali Linux Tools Page
Now you can learn more about all the tools that you can install in Kali.
https://kali.org/tools/
#tools #cheatsheet #kali
Now you can learn more about all the tools that you can install in Kali.
https://kali.org/tools/
#tools #cheatsheet #kali
targetedKerberoast
Kerberoast with ACL abuse capabilities
https://github.com/ShutdownRepo/targetedKerberoast
#kerberoasting #ad #spn
Kerberoast with ACL abuse capabilities
https://github.com/ShutdownRepo/targetedKerberoast
#kerberoasting #ad #spn
GitHub
GitHub - ShutdownRepo/targetedKerberoast: Kerberoast with ACL abuse capabilities
Kerberoast with ACL abuse capabilities. Contribute to ShutdownRepo/targetedKerberoast development by creating an account on GitHub.
SpoolSploit
SpoolSploit is a collection of Windows print spooler exploits containerized with other utilities for practical exploitation. A couple of highly effective methods would be relaying machine account credentials to escalate privileges and execute malicious DLLs on endpoints with full system access.
https://github.com/BeetleChunks/SpoolSploit
#ad #spooler #rpc
SpoolSploit is a collection of Windows print spooler exploits containerized with other utilities for practical exploitation. A couple of highly effective methods would be relaying machine account credentials to escalate privileges and execute malicious DLLs on endpoints with full system access.
https://github.com/BeetleChunks/SpoolSploit
#ad #spooler #rpc
GitHub
GitHub - BeetleChunks/SpoolSploit: A collection of Windows print spooler exploits containerized with other utilities for practical…
A collection of Windows print spooler exploits containerized with other utilities for practical exploitation. - BeetleChunks/SpoolSploit
Brute Force Wordlist
Some files for bruteforcing certain things.
https://github.com/random-robbie/bruteforce-lists
#wordlist #bruteforce
Some files for bruteforcing certain things.
https://github.com/random-robbie/bruteforce-lists
#wordlist #bruteforce
GitHub
GitHub - random-robbie/bruteforce-lists: Some files for bruteforcing certain things.
Some files for bruteforcing certain things. Contribute to random-robbie/bruteforce-lists development by creating an account on GitHub.
RCE in Citrix ShareFile Storage Zones Controller (CVE-2021-22941)
Amazing writeup on finding a vulnerability through .NET reversing, enjoyed reading about the breakpoints that were set and how they logically owned Citrix ShareFile through a third party dependency
https://codewhitesec.blogspot.com/2021/09/citrix-sharefile-rce-cve-2021-22941.html
#citrix #sharefile #rce
Amazing writeup on finding a vulnerability through .NET reversing, enjoyed reading about the breakpoints that were set and how they logically owned Citrix ShareFile through a third party dependency
https://codewhitesec.blogspot.com/2021/09/citrix-sharefile-rce-cve-2021-22941.html
#citrix #sharefile #rce
Blogspot
CODE WHITE | Blog: RCE in Citrix ShareFile Storage Zones Controller (CVE-2021-22941) – A Walk-Through
Citrix ShareFile Storage Zones Controller uses a fork of the third party library NeatUpload. Versions before 5.11.20 are affected by a rela...
AzureHunter
A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365
https://github.com/darkquasar/AzureHunter
#azure #o365
A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365
https://github.com/darkquasar/AzureHunter
#azure #o365
GitHub
GitHub - darkquasar/AzureHunter: A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365
A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365 - darkquasar/AzureHunter